Car Rental Manager – Online Vehicle Booking System Security & Risk Analysis

wordpress.org/plugins/car-rental-manager

WPCarRently – ready-to-use WordPress car rental booking plugin. Manage vehicles, WooCommerce payments, and bookings effortlessly for your business.

80 active installs · v1.3.5 · PHP 7.2+ · WP 5.6+ · Updated Apr 8, 2026
Tags: cab-booking, car, car-rental, ride-booking
Score: 99 · A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Dec 24, 2025
Safety Verdict

Is Car Rental Manager – Online Vehicle Booking System Safe to Use in 2026?

Generally Safe

Score 99/100

Car Rental Manager – Online Vehicle Booking System has a strong security track record. Known vulnerabilities have been patched promptly. It's a solid choice for most WordPress installations.

1 known CVE · Last CVE: Dec 24, 2025 · Updated 1mo ago
Risk Assessment

The 'car-rental-manager' plugin v1.3.3 exhibits a mixed security posture. On the positive side, the plugin demonstrates good practices with 100% of SQL queries using prepared statements and a high percentage (97%) of outputs being properly escaped. The presence of a significant number of nonce and capability checks suggests an awareness of common WordPress security mechanisms. However, several areas raise concerns.

The static analysis reveals a considerable attack surface of 41 entry points, with 8 AJAX handlers lacking authentication checks. This represents a significant weakness, as any unauthenticated user could potentially trigger these handlers, leading to unintended actions or information disclosure. Furthermore, the presence of two 'unserialize' functions and two taint flows with unsanitized paths are critical red flags. 'Unserialize' is notoriously dangerous when processing untrusted input, and unsanitized paths in taint flows indicate potential for injection vulnerabilities or path traversal.

The vulnerability history shows a single medium-severity CVE, which is currently patched. While this is reassuring, the common vulnerability type being 'Missing Authorization' aligns with the findings from the static analysis of unprotected AJAX handlers. This pattern suggests a recurring issue in how the plugin handles user permissions, which needs careful attention to prevent future authorization bypasses.

Key Concerns

  • Unprotected AJAX handlers
  • Dangerous function: unserialize
  • Taint flows with unsanitized paths (high severity)
  • Vulnerability history indicates missing authorization
Vulnerabilities
1 published

Car Rental Manager – Online Vehicle Booking System Security Vulnerabilities

CVEs by Year

1 CVE in 2025

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-69327 · medium · 4.3 · Missing Authorization

Car Rental Manager <= 1.0.9 - Missing Authorization

Dec 24, 2025 · Patched in 1.2.0 (22d)
Version History

Car Rental Manager – Online Vehicle Booking System Release Timeline

No version history available.
Code Analysis
Analyzed Mar 17, 2026

Car Rental Manager – Online Vehicle Booking System Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 0 (4 prepared)
Unescaped Output: 47 (1792 escaped)
Nonce Checks: 49
Capability Checks: 21
File Operations: 1
External Requests: 0
Bundled Libraries: 1

Dangerous Functions Found

unserialize · $unserialized = @unserialize( $data ); · mp_global\class\MPCRBM_Global_Function.php:206
unserialize · $unserialized = @unserialize( $data ); · mp_global\class\MPCRBM_Global_Function.php:228

Bundled Libraries

Select2

SQL Query Safety

100% prepared · 4 total queries

Output Escaping

97% escaped · 1839 total outputs
Data Flows · Security
2 unsanitized

Data Flow Analysis

14 flows · 2 with unsanitized paths
<MPCRBM_Quick_Setup> (admin\MPCRBM_Quick_Setup.php:0)
Attack Surface
8 unprotected

Car Rental Manager – Online Vehicle Booking System Attack Surface

Entry Points: 41
Unprotected: 8

AJAX Handlers 39

auth · wp_ajax_mpcrbm_save_faq · admin\MPCRBM_Manage_Faq.php:19
auth · wp_ajax_mpcrbm_save_term_and_condition · admin\MPCRBM_Manage_Faq.php:20
auth · wp_ajax_mpcrbm_delete_faq · admin\MPCRBM_Manage_Faq.php:21
auth · wp_ajax_mpcrbm_delete_term · admin\MPCRBM_Manage_Faq.php:22
auth · wp_ajax_mpcrbm_load_taxonomies · admin\MPCRBM_Taxonomies.php:20
auth · wp_ajax_mpcrbm_save_taxonomy · admin\MPCRBM_Taxonomies.php:21
auth · wp_ajax_mpcrbm_update_taxonomy · admin\MPCRBM_Taxonomies.php:23
auth · wp_ajax_mpcrbm_delete_taxonomy · admin\MPCRBM_Taxonomies.php:24
auth · wp_ajax_mpcrbm_delete_multiple_cars · admin\MPCRBM_Taxonomies.php:28
auth · wp_ajax_mpcrbm_get_ex_service · admin\settings\MPCRBM_Extra_Service.php:19
nopriv · wp_ajax_mpcrbm_get_ex_service · admin\settings\MPCRBM_Extra_Service.php:20
auth · wp_ajax_mpcrbm_save_added_faq · admin\settings\MPCRBM_Faq_Settings.php:16
auth · wp_ajax_mpcrbm_update_feature_meta · admin\settings\MPCRBM_Manage_Feature.php:14
auth · wp_ajax_mpcrbm_add_price_discount_rules · admin\settings\MPCRBM_Price_Settings.php:17
auth · wp_ajax_mpcrbm_save_added_term_condition · admin\settings\MPCRBM_Term_Condition_Setting.php:18
auth · wp_ajax_mpcrbm_get_total_count_price_selected_car · frontend\MPCRBM_Frontend.php:17
nopriv · wp_ajax_mpcrbm_get_total_count_price_selected_car · frontend\MPCRBM_Frontend.php:18
auth · wp_ajax_mpcrbm_get_car_qty_by_date · frontend\MPCRBM_Frontend.php:20
nopriv · wp_ajax_mpcrbm_get_car_qty_by_date · frontend\MPCRBM_Frontend.php:21
auth · wp_ajax_mpcrbm_review_save · frontend\MPCRBM_Manage_Review.php:13
nopriv · wp_ajax_mpcrbm_review_save · frontend\MPCRBM_Manage_Review.php:14
auth · wp_ajax_mpcrbm_review_delete · frontend\MPCRBM_Manage_Review.php:16
nopriv · wp_ajax_mpcrbm_review_delete · frontend\MPCRBM_Manage_Review.php:17
auth · wp_ajax_mpcrbm_review_edit · frontend\MPCRBM_Manage_Review.php:19
nopriv · wp_ajax_mpcrbm_review_edit · frontend\MPCRBM_Manage_Review.php:20
auth · wp_ajax_mpcrbm_get_map_search_result · frontend\MPCRBM_Transport_Search.php:15
nopriv · wp_ajax_mpcrbm_get_map_search_result · frontend\MPCRBM_Transport_Search.php:16
auth · wp_ajax_mpcrbm_get_map_search_result_redirect · frontend\MPCRBM_Transport_Search.php:17
nopriv · wp_ajax_mpcrbm_get_map_search_result_redirect · frontend\MPCRBM_Transport_Search.php:18
auth · wp_ajax_mpcrbm_get_end_place · frontend\MPCRBM_Transport_Search.php:20
nopriv · wp_ajax_mpcrbm_get_end_place · frontend\MPCRBM_Transport_Search.php:21
auth · wp_ajax_mpcrbm_get_extra_service · frontend\MPCRBM_Transport_Search.php:23
nopriv · wp_ajax_mpcrbm_get_extra_service · frontend\MPCRBM_Transport_Search.php:24
auth · wp_ajax_mpcrbm_get_extra_service_summary · frontend\MPCRBM_Transport_Search.php:26
nopriv · wp_ajax_mpcrbm_get_extra_service_summary · frontend\MPCRBM_Transport_Search.php:27
auth · wp_ajax_mpcrbm_get_dropoff_locations · frontend\MPCRBM_Transport_Search.php:30
nopriv · wp_ajax_mpcrbm_get_dropoff_locations · frontend\MPCRBM_Transport_Search.php:31
auth · wp_ajax_mpcrbm_add_to_cart · frontend\MPCRBM_Woocommerce.php:27
nopriv · wp_ajax_mpcrbm_add_to_cart · frontend\MPCRBM_Woocommerce.php:28

Shortcodes 2

[mpcrbm_booking] frontend\MPCRBM_Shortcodes.php:12
[mpcrbm_car_list] frontend\MPCRBM_Shortcodes.php:14
WordPress Hooks 92
action · init · admin\MPCRBM_Admin.php:14
filter · use_block_editor_for_post_type · admin\MPCRBM_Admin.php:15
filter · wp_mail_content_type · admin\MPCRBM_Admin.php:16
action · upgrader_process_complete · admin\MPCRBM_Admin.php:17
action · init · admin\MPCRBM_CPT.php:12
filter · manage_mpcrbm_rent_posts_columns · admin\MPCRBM_CPT.php:13
action · manage_mpcrbm_rent_posts_custom_column · admin\MPCRBM_CPT.php:14
filter · manage_edit-mpcrbm_rent_sortable_columns · admin\MPCRBM_CPT.php:15
action · save_post · admin\MPCRBM_CPT.php:17
action · admin_init · admin\MPCRBM_Dummy_Import.php:11
action · admin_menu · admin\MPCRBM_Guideline.php:12
action · wp_insert_post · admin\MPCRBM_Hidden_Product.php:13
action · save_post · admin\MPCRBM_Hidden_Product.php:14
action · parse_query · admin\MPCRBM_Hidden_Product.php:15
action · wp · admin\MPCRBM_Hidden_Product.php:16
action · save_post · admin\MPCRBM_Hidden_Product.php:70
action · mpcrbm_license_page_plugin_list · admin\MPCRBM_License.php:12
action · admin_enqueue_scripts · admin\MPCRBM_Quick_Setup.php:12
action · admin_menu · admin\MPCRBM_Quick_Setup.php:15
action · add_meta_boxes · admin\MPCRBM_Settings.php:12
action · admin_menu · admin\MPCRBM_Settings_Global.php:14
action · admin_init · admin\MPCRBM_Settings_Global.php:15
filter · mpcrbm_settings_sec_reg · admin\MPCRBM_Settings_Global.php:16
action · mpcrbm_licence_section · admin\MPCRBM_Settings_Global.php:17
action · admin_menu · admin\MPCRBM_Status.php:12
action · admin_menu · admin\MPCRBM_Taxonomies.php:17
action · admin_menu · admin\MPCRBM_Taxonomies.php:18
action · admin_action_mpcrbm_duplicate_car · admin\MPCRBM_Taxonomies.php:26
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Date_Settings.php:12
action · save_post · admin\settings\MPCRBM_Date_Settings.php:13
action · add_meta_boxes · admin\settings\MPCRBM_Extra_Service.php:12
action · save_post · admin\settings\MPCRBM_Extra_Service.php:13
action · mpcrbm_extra_service_item · admin\settings\MPCRBM_Extra_Service.php:15
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Extra_Service.php:17
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Extra_Service_Settings.php:13
action · save_post · admin\settings\MPCRBM_Extra_Service_Settings.php:14
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Faq_Settings.php:15
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Gallery_Imges_Settings.php:14
action · save_post · admin\settings\MPCRBM_Gallery_Imges_Settings.php:15
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_General_Settings.php:12
action · save_post · admin\settings\MPCRBM_General_Settings.php:13
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Manage_Feature.php:13
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Multi_Location_Settings.php:12
action · save_post · admin\settings\MPCRBM_Multi_Location_Settings.php:13
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Operation_Area_Settings.php:12
action · save_post · admin\settings\MPCRBM_Operation_Area_Settings.php:13
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Price_Settings.php:12
action · save_post · admin\settings\MPCRBM_Price_Settings.php:14
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Tax_Settings.php:12
action · save_post · admin\settings\MPCRBM_Tax_Settings.php:13
action · mpcrbm_settings_tab_content · admin\settings\MPCRBM_Term_Condition_Setting.php:17
filter · theme_page_templates · car-rental-manager.php:21
filter · template_include · car-rental-manager.php:22
action · admin_init · car-rental-manager.php:23
action · wp_enqueue_scripts · car-rental-manager.php:24
action · activated_plugin · car-rental-manager.php:42
action · init · car-rental-manager.php:45
action · activated_plugin · car-rental-manager.php:50
action · wp_loaded · car-rental-manager.php:74
filter · single_template · frontend\MPCRBM_Frontend.php:13
filter · the_content · frontend\MPCRBM_Frontend.php:15
action · mpcrbm_transport_search · frontend\MPCRBM_Transport_Search.php:12
action · mpcrbm_left_side_car_filter · frontend\MPCRBM_Transport_Search.php:33
action · woocommerce_checkout_update_order_meta · frontend\MPCRBM_Woocommerce.php:15
filter · woocommerce_add_cart_item_data · frontend\MPCRBM_Woocommerce.php:16
action · woocommerce_before_calculate_totals · frontend\MPCRBM_Woocommerce.php:17
filter · woocommerce_cart_item_thumbnail · frontend\MPCRBM_Woocommerce.php:18
filter · woocommerce_get_item_data · frontend\MPCRBM_Woocommerce.php:19
action · woocommerce_after_checkout_validation · frontend\MPCRBM_Woocommerce.php:21
action · woocommerce_checkout_create_order_line_item · frontend\MPCRBM_Woocommerce.php:22
action · woocommerce_before_thankyou · frontend\MPCRBM_Woocommerce.php:24
filter · woocommerce_order_status_changed · frontend\MPCRBM_Woocommerce.php:25
action · admin_enqueue_scripts · inc\MPCRBM_Dependencies.php:14
action · wp_enqueue_scripts · inc\MPCRBM_Dependencies.php:15
action · current_screen · inc\MPCRBM_Dependencies.php:16
action · mpcrbm_hidden_table · mp_global\class\MPCRBM_Custom_Layout.php:12
action · mpcrbm_pagination_section · mp_global\class\MPCRBM_Custom_Layout.php:13
action · mpcrbm_custom_slider · mp_global\class\MPCRBM_Custom_Slider.php:13
action · mpcrbm_custom_slider_only · mp_global\class\MPCRBM_Custom_Slider.php:14
action · mpcrbm_custom_slider_icon_indicator · mp_global\class\MPCRBM_Custom_Slider.php:15
action · mpcrbm_load_date_picker_js · mp_global\class\MPCRBM_Global_Function.php:12
action · mpcrbm_global_enqueue · mp_global\class\MPCRBM_Global_Style.php:12
action · mpcrbm_input_add_icon · mp_global\class\MPCRBM_Select_Icon_image.php:13
action · mpcrbm_add_single_image · mp_global\class\MPCRBM_Select_Icon_image.php:14
action · mpcrbm_add_multi_image · mp_global\class\MPCRBM_Select_Icon_image.php:15
action · mpcrbm_add_icon_image · mp_global\class\MPCRBM_Select_Icon_image.php:16
action · admin_footer · mp_global\class\MPCRBM_Select_Icon_image.php:38
action · admin_footer · mp_global\class\MPCRBM_Select_Icon_image.php:198
action · admin_enqueue_scripts · mp_global\MPCRBM_Global_File_Load.php:13
action · wp_enqueue_scripts · mp_global\MPCRBM_Global_File_Load.php:14
action · admin_head · mp_global\MPCRBM_Global_File_Load.php:15
action · wp_head · mp_global\MPCRBM_Global_File_Load.php:16
Maintenance & Trust

Car Rental Manager – Online Vehicle Booking System Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Apr 8, 2026
PHP min version: 7.2
Downloads: 2K

Community Trust

Rating: 100/100
Number of ratings: 1
Active installs: 80
Developer Profile

Car Rental Manager – Online Vehicle Booking System Developer Profile

magepeopleteam

11 plugins · 12K total installs

Trust score: 78
Avg Security Score: 85/100
Avg Patch Time: 90 days
Detection Fingerprints

How We Detect Car Rental Manager – Online Vehicle Booking System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/car-rental-manager/assets/css/file-upload.css
Version Parameters
car-rental-manager/assets/css/file-upload.css?ver=

HTML / DOM Fingerprints

Shortcode Output
[mpcrbm_booking]
[mpcrbm_booking form="inline"]
FAQ

Frequently Asked Questions about Car Rental Manager – Online Vehicle Booking System