Persistent XSS Vulnerability in Car Rental System Plugin for WordPress
CVE-2020-15535
6.1MEDIUM
What is CVE-2020-15535?
A persistent cross-site scripting (XSS) vulnerability has been identified in the Car Rental System plugin, version 1.3, for WordPress. This security flaw allows attackers to inject malicious scripts through various registration fields, which can then be executed in the context of other users' sessions. Successful exploitation of this vulnerability could lead to unauthorized actions on behalf of the users, compromising their data and potentially affecting the integrity of the website.