An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress. Persistent XSS can occur via any of the registration fields.
6.1CVSS
5.9AI Score
0.003EPSS
Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter.
8.8CVSS
8.9AI Score
0.002EPSS