Skip to main content

Car Rental Manager

1 CVEs product

Monthly

CVE-2026-61985 MEDIUM This Month

Missing authorization controls in the Car Rental Manager WordPress plugin (≤1.3.7) allow unauthenticated remote attackers to exploit incorrectly configured access control levels, resulting in limited integrity impact. The CVSS vector (PR:N/UI:N) confirms exploitation requires no credentials or user interaction against any publicly reachable WordPress site running the affected plugin. No public exploit code or CISA KEV listing has been identified at time of analysis, keeping real-world risk at a moderate level despite the trivial exploitation conditions.

Authentication Bypass Car Rental Manager
NVD
CVSS 3.1
5.3
EPSS
0.3%
EPSS 0% CVSS 5.3
MEDIUM This Month

Missing authorization controls in the Car Rental Manager WordPress plugin (≤1.3.7) allow unauthenticated remote attackers to exploit incorrectly configured access control levels, resulting in limited integrity impact. The CVSS vector (PR:N/UI:N) confirms exploitation requires no credentials or user interaction against any publicly reachable WordPress site running the affected plugin. No public exploit code or CISA KEV listing has been identified at time of analysis, keeping real-world risk at a moderate level despite the trivial exploitation conditions.

Authentication Bypass Car Rental Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy