High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-25	CVE-2022-38356	Unspecified vulnerability in Stylemixthemes Pearl Header Builder 1.3.4 Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions. network low complexity stylemixthemes	8.8
2023-05-25	CVE-2022-38716	Unspecified vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions. network low complexity stylemixthemes	8.8
2023-05-25	CVE-2022-45815	Unspecified vulnerability in Stylemixthemes Gdpr Compliance & Cookie Consent 1.2 Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR Compliance & Cookie Consent plugin <= 1.2 versions. network low complexity stylemixthemes	8.8
2022-12-12	CVE-2022-3989	Unspecified vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uploaded payload. network low complexity stylemixthemes	8.8
2021-09-27	CVE-2021-36874	Authorization Bypass Through User-Controlled Key vulnerability in Stylemixthemes Ulisting Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5). network low complexity stylemixthemes CWE-639	8.8
2021-09-27	CVE-2021-36876	Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages. network low complexity stylemixthemes CWE-352	8.8