Vulnerabilities > Stylemixthemes
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-25 | CVE-2022-45815 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Gdpr Compliance & Cookie Consent 1.2 Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR Compliance & Cookie Consent plugin <= 1.2 versions. | 8.8 |
| 2022-12-12 | CVE-2022-3989 | Unspecified vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload. | 8.8 |
| 2022-04-11 | CVE-2022-25614 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Eroom - Zoom Meetings & Webinar Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings. | 4.3 |
| 2022-04-11 | CVE-2022-25615 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Eroom - Zoom Meetings & Webinar Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. | 4.3 |
| 2022-03-07 | CVE-2022-0441 | Unspecified vulnerability in Stylemixthemes Masterstudy LMS The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin | 9.8 |
| 2021-09-27 | CVE-2021-36874 | Authorization Bypass Through User-Controlled Key vulnerability in Stylemixthemes Ulisting Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 8.8 |
| 2021-09-27 | CVE-2021-36875 | Cross-site Scripting vulnerability in Stylemixthemes Ulisting Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 4.8 |
| 2021-09-27 | CVE-2021-36876 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages. | 8.8 |
| 2021-09-27 | CVE-2021-36877 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles. | 6.5 |
| 2021-09-27 | CVE-2021-36879 | Unspecified vulnerability in Stylemixthemes Ulisting Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 9.8 |