📦 Vikrentcar

This SQL injection vulnerability in the VikRentCar WordPress plugin allows attackers to execute arbitrary SQL commands on the database. All WordPress sites running VikRentCar version 1.4.0 or earlier ...

The VikRentCar WordPress plugin up to version 1.4.3 allows authenticated administrators to upload arbitrary files due to missing file type validation. This vulnerability can lead to remote code execut...

The VikRentCar WordPress plugin has a CSRF vulnerability that allows attackers to escalate privileges and upload arbitrary files. Attackers can trick administrators into clicking malicious links to ex...