CVE-2021-24335
The WordPress Car Repair Services & Auto Mechanic Theme (pre-4.0) contains a reflected Cross-Site Scripting (XSS) vulnerability in the serviceestimatekey parameter, which is echoed back in the page without proper sanitization. This could enable injection of malicious scripts when the parameter is...