WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The WordPress plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of the WordPress VikRentCar Car Rental Management System plugin prior to 1.1.10. The vulnerability stems from the plugin’s failure to clean up the “text next to icon” field when adding or editing features. An attacker could exploit this vulnerability to inject JavaScript and execute a stored XSS attack.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wordpress vikrentcar car rental management system | lt | 1.1.10 |