Medium severity4.8NVD Advisory· Published Aug 16, 2021· Updated Jun 17, 2026
CVE-2021-24519
CVE-2021-24519
Description
The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/VikRentCar Car Rental Management Systemdescription
- Range: <1.1.10
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/368828f9-fdd1-4a82-8658-20e0f4c4da0cnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.