Vulnerabilities > Stylemixthemes
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-04-11 | CVE-2022-25615 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Eroom - Zoom Meetings & Webinar Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. | 4.3 |
2022-03-07 | CVE-2022-0441 | Unspecified vulnerability in Stylemixthemes Masterstudy LMS The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin | 9.8 |
2021-09-27 | CVE-2021-36874 | Authorization Bypass Through User-Controlled Key vulnerability in Stylemixthemes Ulisting Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 8.8 |
2021-09-27 | CVE-2021-36875 | Cross-site Scripting vulnerability in Stylemixthemes Ulisting Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 4.8 |
2021-09-27 | CVE-2021-36876 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages. | 8.8 |
2021-09-27 | CVE-2021-36877 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles. | 6.5 |
2021-09-27 | CVE-2021-36879 | Unspecified vulnerability in Stylemixthemes Ulisting Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 9.8 |
2021-09-27 | CVE-2021-36880 | SQL Injection vulnerability in Stylemixthemes Ulisting Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom. | 9.8 |
2021-09-27 | CVE-2021-36878 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings. | 4.3 |
2020-02-24 | CVE-2019-17229 | Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues. | 6.1 |