Vulnerabilities in Stylemix

67 results

CVE-2024-5545MEDIUMMotors – Car Dealer, Classifieds & Listing <= 1.4.9 - Missing AuthorizationEPSS 0.3%CVE-2025-14757MEDIUMCost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status BypassEPSS 0.3%CVE-2024-10970MEDIUMMotors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom TitleEPSS 0.3%CVE-2025-31881MEDIUMWordPress Pearl plugin <= 1.3.9 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-39587CRITICALWordPress Cost Calculator Builder plugin <= 3.2.65 - SQL Injection VulnerabilityEPSS 0.3%CVE-2024-13737MEDIUMMotors – Car Dealer, Classifieds & Listing <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template CreationEPSS 0.3%CVE-2025-54691MEDIUMWordPress Motors Plugin plugin <= 1.4.80 - Insecure Direct Object References (IDOR) VulnerabilityEPSS 0.3%CVE-2025-59575MEDIUMWordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerabilityEPSS 0.3%CVE-2025-9243HIGHCost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status FunctionsEPSS 0.3%CVE-2025-62049MEDIUMWordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-3437MEDIUMMotors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-upEPSS 0.3%CVE-2026-3892HIGHMotors – Car Dealer, Classifieds & Listing <= 1.4.107 - Authenticated (Subscriber+) Arbitrary File Deletion via 'stm_dealer_logo_path' ParameterEPSS 0.3%CVE-2026-42730HIGHWordPress MasterStudy LMS plugin <= 3.7.29 - SQL Injection vulnerabilityEPSS 0.3%CVE-2025-64366HIGHWordPress MasterStudy LMS plugin <= 3.6.27 - SQL Injection vulnerabilityEPSS 0.2%CVE-2025-14755MEDIUMCost Calculator Builder <= 4.0.1 - Unauthenticated Price Manipulation and Insecure Direct Object ReferenceEPSS 0.2%CVE-2026-1934MEDIUMMotors – Car Dealership & Classified Listings Plugin <= 1.4.103 - Missing Authorization to Authenticated (Subscriber+) Payment Bypass via 'stm_payment_status' ParameterEPSS 0.2%CVE-2025-54744MEDIUMWordPress MasterStudy LMS plugin <= 3.6.15 - Broken Access Control vulnerabilityEPSS 0.2%CVE-2025-59576MEDIUMWordPress MasterStudy LMS Plugin <= 3.6.20 - Broken Access Control VulnerabilityEPSS 0.2%CVE-2024-37093MEDIUMWordPress MasterStudy LMS plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.2%CVE-2026-0559MEDIUMMasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'stm_lms_courses_grid_display' ShortcodeEPSS 0.2%

← previouspage 3 / 4next →