CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/15 8:19 p.m.•14 views

CVE-2026-52699

Summary: CVE-2026-52699 affects the WordPress VikRentCar plugin, versions

Vulnrichment•added 2026/06/15 8:19 p.m.•4 views

CVE-2026-52699 WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

Cvelist•added 2026/06/15 8:19 p.m.•28 views

CVE-2026-52699 WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

7.5CVSS0.0023EPSS

EUVD•added 2026/06/15 8:19 p.m.•8 views

EUVD-2026-36904

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

Positive Technologies•added 2026/06/15 12:0 a.m.•6 views

PT-2026-49522

Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...

Patchstack•added 2026/06/10 9:40 a.m.•4 views

Exploits0References2

WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by dodoh4t in WordPress Plugin VikRentCar versions = 1.4.5...

7.5CVSS5.3AI score0.0023EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/01/09 8:32 a.m.•4 views

CVE-2024-39653

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0...

9.8CVSS7.7AI score0.00458EPSS

RedhatCVE•added 2025/12/03 8:57 a.m.•10 views

CVE-2025-13724

The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'month' parameter in all versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

7.5CVSS6.6AI score0.00279EPSS

NVD•added 2025/12/02 9:15 a.m.•3 views

CVE-2025-13724

7.5CVSS0.00279EPSS

Vulnrichment•added 2025/12/02 8:24 a.m.•4 views

CVE-2025-13724 VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter

7.5CVSS6.1AI score0.00279EPSS

Cvelist•added 2025/12/02 8:24 a.m.•7 views

CVE-2025-13724 VikRentCar Car Rental Management System <= 1.4.4 - Authenticated (Author+) SQL Injection via 'month' Parameter

7.5CVSS0.00279EPSS

EUVD•added 2025/12/02 8:24 a.m.•3 views

EUVD-2025-200209

7.5CVSS6.1AI score0.00279EPSS

Exploits0References5

CVE•added 2025/12/02 8:24 a.m.•18 views

CVE-2025-13724

CVE-2025-13724 affects the VikRentCar Car Rental Management System WordPress plugin (versions up to 1.4.4). The vulnerability is a time-based blind SQL injection via the month parameter, exploitable by authenticated users with Administrator-level access or higher, allowing extraction of data. Wor...

7.5CVSS6.2AI score0.00279EPSS

CNNVD•added 2025/12/02 12:0 a.m.•7 views

WordPress plugin VikRentCar Car Rental Management System SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL-based servers. A SQL injectio...

7.5CVSS7.4AI score0.00279EPSS