Lucene search
WPScanCVELIST:CVE-2021-24519HistoryAug 16, 2021 - 10:48 a.m.
CVE-2021-24519 Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS)
2021-08-1610:48:25
CWE-79
WPScan
www.cve.org
0.001 Low
EPSS
Percentile
24.8%
The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the ‘Text Next to Icon’ field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue
CNA Affected
[
{
"product": "VikRentCar Car Rental Management System",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.1.10",
"status": "affected",
"version": "1.1.10",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
nvd
nvd
CVE-2021-24519
2021-08-16 11:15:08
wpexploit
wpexploit
Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS)
2021-07-19 00:00:00
cve
cve
CVE-2021-24519
2021-08-16 11:15:08
wpvulndb
wpvulndb
Vik Rent Car < 1.1.10 - Authenticated Stored Cross-Site Scripting (XSS)
2021-07-19 00:00:00
prion
prion
Cross site scripting
2021-08-16 11:15:00