VikRentItems Flexible Rental Management System Security & Risk Analysis

wordpress.org/plugins/vikrentitems

Multi-purpose Items Rental Management System for any kind of objects. The most efficient booking solution for managing item rentals through your site.

600 active installs · v1.2.1 · PHP 7.0.0+ · WP 4.7+ · Updated Dec 8, 2025
Tags: bikes-booking, bikes-rental, items-rental, rental-management, storage-rent
99
A · Safe
CVEs total: 1
Unpatched: 0
Last CVE: Dec 11, 2025
Safety Verdict

Is VikRentItems Flexible Rental Management System Safe to Use in 2026?

Generally Safe

Score 99/100

VikRentItems Flexible Rental Management System has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVE · Last CVE: Dec 11, 2025 · Updated 3mo ago
Risk Assessment

The plugin 'vikrentitems' v1.2.1 presents a mixed security posture. While it shows some positive signs like a relatively low number of entry points and the majority of SQL queries using prepared statements, significant concerns exist regarding its handling of user input and authentication. The static analysis highlights one unprotected AJAX handler, which is a critical vulnerability as it represents an unauthenticated entry point into the plugin's functionality. Furthermore, the extremely low percentage (16%) of properly escaped output indicates a high likelihood of Cross-Site Scripting (XSS) vulnerabilities being present, especially in conjunction with the unprotected AJAX handler. The vulnerability history, though showing no currently unpatched CVEs, reveals a past medium-severity XSS vulnerability, reinforcing the concern about input sanitization and output escaping practices. The presence of bundled outdated libraries like TCPDF v1.0.004 also adds to the potential attack surface.

Key Concerns

  • Unprotected AJAX handler
  • Low output escaping percentage
  • Bundled outdated TCPDF library
  • No nonce checks
  • No capability checks
Vulnerabilities
1

VikRentItems Flexible Rental Management System Security Vulnerabilities

CVEs by Year

2025: 1 CVE

Severity Breakdown

Medium: 1

1 total CVE

CVE-2025-14049 · medium · 6.1 · Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

VikRentItems Flexible Rental Management System <= 1.2.0 - Reflected Cross-Site Scripting via 'delto' Parameter

Dec 11, 2025 Patched in 1.2.1 (1d)
Code Analysis
Analyzed Mar 16, 2026

VikRentItems Flexible Rental Management System Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 2 (5 prepared)
Unescaped Output: 2796 (534 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 101
External Requests: 2
Bundled Libraries: 5

Bundled Libraries

PHPMailer, TinyMCE, Select2, TCPDF 1.0.004, jQuery 1.12.4

SQL Query Safety

71% prepared, 7 total queries

Output Escaping

16% escaped, 3330 total outputs
Attack Surface
1 unprotected

VikRentItems Flexible Rental Management System Attack Surface

Entry Points: 2
Unprotected: 1

AJAX Handlers 1

auth  wp_ajax_vikrentitems  vikrentitems.php:194

Shortcodes 1

[vikrentitems] vikrentitems.php:221
WordPress Hooks 34
action  admin_enqueue_scripts  admin\helpers\jv_helper.php:475
action  init  vikrentitems.php:27
action  automatic_updates_complete  vikrentitems.php:37
filter  auto_update_plugin  vikrentitems.php:49
action  in_plugin_update_message-vikrentitems/vikrentitems.php  vikrentitems.php:65
action  plugins_loaded  vikrentitems.php:75
action  current_screen  vikrentitems.php:81
filter  set-screen-option  vikrentitems.php:82
filter  set_screen_option_vikrentitems_list_limit  vikrentitems.php:90
action  init  vikrentitems.php:93
action  wp_logout  vikrentitems.php:94
action  plugins_loaded  vikrentitems.php:97
action  init  vikrentitems.php:143
action  plugins_loaded  vikrentitems.php:212
action  admin_menu  vikrentitems.php:215
action  widgets_init  vikrentitems.php:218
action  vikrentitems_before_dispatch  vikrentitems.php:265
filter  vik_date_default_timezone  vikrentitems.php:306
action  vikrentitems_after_dispatch  vikrentitems.php:312
action  admin_post_vikrentitems  vikrentitems.php:337
action  admin_post_nopriv_vikrentitems  vikrentitems.php:338
action  save_post  vikrentitems.php:350
action  trashed_post  vikrentitems.php:422
action  untrashed_post  vikrentitems.php:442
action  deleted_post  vikrentitems.php:462
filter  mce_buttons  vikrentitems.php:497
filter  mce_external_plugins  vikrentitems.php:500
action  init  vikrentitems.php:503
action  deleted_blog  vikrentitems.php:515
filter  plugin_action_links  vikrentitems.php:533
action  vik_widget_before_dispatch_site  vikrentitems.php:543
action  vik_widget_after_dispatch_site  vikrentitems.php:557
filter  vik_plugin_load_language  vikrentitems.php:576
filter  run_wptexturize  vikrentitems.php:600
Maintenance & Trust

VikRentItems Flexible Rental Management System Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.9.4
Last updated: Dec 8, 2025
PHP min version: 7.0.0
Downloads: 15K

Community Trust

Rating: 80/100
Number of ratings: 8
Active installs: 600
Developer Profile

VikRentItems Flexible Rental Management System Developer Profile

e4jvikwp

7 plugins · 16K total installs

Trust score: 72
Avg Security Score: 90/100
Avg Patch Time: 244 days
Detection Fingerprints

How We Detect VikRentItems Flexible Rental Management System

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/vikrentitems/vikrentitems.php
/wp-content/plugins/vikrentitems/packages/jinput/src/JInput.php
/wp-content/plugins/vikrentitems/packages/factory/src/JFactory.php
/wp-content/plugins/vikrentitems/packages/base/src/JObject.php
/wp-content/plugins/vikrentitems/packages/form/src/JForm.php
/wp-content/plugins/vikrentitems/packages/loader/src/JLoader.php
/wp-content/plugins/vikrentitems/packages/uri/src/JUri.php
/wp-content/plugins/vikrentitems/src/Admin/View/AdminItems/Modal.php
+53 more
Version Parameters
ver=1.2.1

HTML / DOM Fingerprints

CSS Classes
vikrentitems, vikrentitems-admin, vikrentitems-frontend
HTML Comments
No direct access
installer class will check the update status
Due to WordPress 5.4.2 changes, we need to attach
allow the update of the list limit.
+1 more
Data Attributes
data-vikrentitems-id, data-vikrentitems-type
JS Globals
Joomla, JFactory, JInput, JObject, JForm, JLoader, +9 more
Shortcode Output
[vikrentitems]