Vulnerabilities > Stylemixthemes > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-36875 | Cross-site Scripting vulnerability in Stylemixthemes Ulisting Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | 4.8 |
| 2021-09-27 | CVE-2021-36877 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles. | 6.5 |
| 2021-09-27 | CVE-2021-36878 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Ulisting Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings. | 4.3 |
| 2020-02-24 | CVE-2019-17229 | Cross-site Scripting vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues. | 6.1 |
| 2020-02-24 | CVE-2019-17228 | Insufficient Verification of Data Authenticity vulnerability in Stylemixthemes Motors - CAR Dealer, Classifieds & Listing includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes. | 6.5 |