Vulnerabilidades en StylemixThemes
56 resultadosCVE-2025-4322CRITICALMotors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account TakeoverEPSS 16.8%CVE-2021-36879CRITICALWordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerabilityEPSS 2.1%CVE-2021-36880HIGHWordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerabilityEPSS 2.1%CVE-2024-43144CRITICALWordPress Cost Calculator Builder plugin <= 3.2.15 - SQL Injection vulnerabilityEPSS 2.0%CVE-2024-37091CRITICALWordPress Consulting Elementor Widgets plugin <= 1.3.0 - Remote Code Execution (RCE) vulnerabilityEPSS 1.2%CVE-2021-36874HIGHWordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerabilityEPSS 1.1%CVE-2025-4800HIGHMasterStudy LMS Pro <= 4.7.0 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 1.0%CVE-2025-26986HIGHWordPress Pearl Theme < 3.4.8 - Local File Inclusion vulnerabilityEPSS 0.9%CVE-2024-37089CRITICALWordPress Consulting Elementor Widgets plugin <= 1.3.0 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-7438HIGHMasterStudy LMS – Online Courses, eLearning PRO Plus <= 4.7.9 - Authenticated (Subscriber+) Arbitrary File UploadEPSS 0.6%CVE-2024-4097HIGHCost Calculator Builder Pro <= 3.1.67 - Unauthenticated Cross-Site Scripting via SVG UploadEPSS 0.6%CVE-2023-35093MEDIUMWordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access ControlEPSS 0.6%CVE-2022-43472MEDIUMWordPress eRoom plugin <= 1.4.6 - Broken Access Control vulnerabilityEPSS 0.6%CVE-2024-35677CRITICALWordPress MegaMenu plugin <= 2.3.12 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-37090HIGHSQL Injection vulnerability in multiple StylemixThemes premium themesEPSS 0.5%CVE-2023-50852HIGHWordPress BookIt Plugin <= 2.4.3 is vulnerable to SQL InjectionEPSS 0.5%CVE-2024-37092HIGHWordPress Consulting Elementor Widgets plugin <= 1.3.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-46207MEDIUMWordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Server Side Request Forgery (SSRF)EPSS 0.5%CVE-2023-37385HIGHWordPress Consulting theme <= 6.5.6 - Local File InclusionEPSS 0.5%CVE-2025-47586CRITICALWordPress Motors - Events plugin <= 1.4.7 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.5%