Filtered by vendor E4jconnect Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-39653 1 E4jconnect 1 Vikrentcar 2024-09-13 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0.
CVE-2023-23998 1 E4jconnect 1 Vikrentcar 2024-08-02 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions.
CVE-2024-1845 1 E4jconnect 1 Vikrentcar 2024-08-01 8.8 High
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks