Vulnerabilities > Stylemixthemes > Motors CAR Dealer Classifieds Listing
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-02 | CVE-2024-5545 | Missing Authorization vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stm_edit_delete_user_car function in all versions up to, and including, 1.4.8. | 5.3 |
| 2023-11-13 | CVE-2023-46207 | Server-Side Request Forgery (SSRF) vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6. | 7.5 |
| 2023-10-27 | CVE-2023-46208 | Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing Unauth. | 6.1 |
| 2023-05-25 | CVE-2022-38716 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions. | 8.8 |
| 2022-12-12 | CVE-2022-3989 | Unspecified vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload. | 8.8 |
| 2020-02-24 | CVE-2019-17229 | Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues. | 4.3 |
| 2020-02-24 | CVE-2019-17228 | Insufficient Verification of Data Authenticity vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes. | 6.4 |