E4jconnect Vikrentcar
5 CVEs affecting E4jconnect Vikrentcar. Latest disclosed: 2025-07-03. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-39653 | Critical | 9.3 | 2024-08-29 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue aff… |
CVE-2024-11640 | High | 8.8 | 2025-03-08 | The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This… |
CVE-2024-1845 | High | 8.8 | 2024-07-11 | The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF checks in some places, which could allow attackers to make logged… |
CVE-2025-5322 | High | 7.2 | 2025-07-03 | The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the do_updateca… |
CVE-2023-23998 | Medium | 5.9 | 2023-04-06 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions. |