Satyender Yadav

**Name of the Vulnerable Software and Affected Versions** VikRentCar Car Rental Management System WordPress plugin versions prior to 1.1.7 **Description** The issue is related to a stored Cross-Site Scripting problem. It arises because the field name in the custom field option is not properly sanitised or escaped before being output back on the page. Additionally, there is no CSRF check performed before saving the setting, which allows attackers to manipulate a logged-in admin into setting arbitrary Custom Fields, including those with XSS payloads. **Recommendations** For versions prior to 1.1.7, update to version 1.1.7 or later to resolve the issue. As a temporary workaround, consider disabling the custom field option until a patch is available. Restrict access to the setting management page to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** This Gallery from files WordPress plugin versions 1.6.0 and earlier **Description** The issue arises from the improper sanitization of filenames before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Scripting issue. Due to the lack of CSRF check, the attack could also be performed via such vector. **Recommendations** For versions 1.6.0 and earlier, update to a version that properly sanitizes filenames and includes a CSRF check to prevent reflected Cross-Site Scripting issues. As a temporary workaround, consider disabling the image upload functionality until a patch is available. Restrict access to the error message output to minimize the risk of exploitation.