WordPress 6Storage Rentals plugin <= 2.22.0 - Unauthenticated Insecure Direct Object Reference to Arbitrary User Disclosure and Modification vulnerability

Unauthenticated Insecure Direct Object Reference to Arbitrary User Disclosure and Modification vulnerability discovered by g0wthr in WordPress Plugin 6Storage Rentals versions = 2.22.0...

CVE-2026-9185

The 6Storage Rentals plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 2.22.0 via the userId parameter of the sixstoragegetuserinfo and sixstorageupdateprofile AJAX actions. This is due to the sixstoragegetUserInfo and...

CVE-2025-67623

CVE-2025-67623 is a Server-Side Request Forgery (SSRF) vulnerability in the WordPress plugin 6Storage Rentals (6storage-rentals). Affected: 6Storage Rentals versions up to 2.22.0 (per NVD/CNVD/Red Hat and CVE listings). Root cause: inadequate validation/authentication enabling SSRF to internal re...

CVE-2025-67623 WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

CVE-2025-67623 WordPress 6Storage Rentals plugin <= 2.22.0 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Server Side Request Forgery.This issue affects 6Storage Rentals: from n/a through = 2.22.0...

WordPress plugin 6Storage Rentals 安全漏洞

WordPress 6Storage Rentals plugin is a plugin designed for WordPress websites, designed to help webmasters easily manage the rental booking process for storage facilities. WordPress 6Storage Rentals plugin suffers from a server-side request forgery vulnerability, which stems from the server not...

WordPress plugin 6Storage Rentals 安全漏洞

WordPress 6Storage Rentals plugin is an easy to use plugin that allows tenants to book the desired storage facility on your website. WordPress 6Storage Rentals plugin suffers from an authorization issue vulnerability that stems from a lack of authorization, no details of the vulnerability are...

CVE-2025-47619

Missing Authorization vulnerability in 6Storage 6Storage Rentals 6storage-rentals allows Path Traversal.This issue affects 6Storage Rentals: from n/a through = 2.20.2...