Filtered by vendor Stylemixthemes
Subscribe
Total
37 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0441 | 1 Stylemixthemes | 1 Masterstudy Lms | 2023-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin | |||||
| CVE-2023-35093 | 1 Stylemixthemes | 1 Masterstudy Lms | 2023-06-28 | N/A | 6.5 MEDIUM |
| Broken Access Control vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.8 versions allows any logged-in users, such as subscribers to view the "Orders" of the plugin and get the data related to the order like email, username, and more. | |||||
| CVE-2023-35090 | 1 Stylemixthemes | 1 Masterstudy Lms | 2023-06-28 | N/A | 5.4 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in StylemixThemes MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin <= 3.0.7 versions. | |||||
| CVE-2022-45815 | 1 Stylemixthemes | 1 Gdpr Compliance \& Cookie Consent | 2023-06-01 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes GDPR Compliance & Cookie Consent plugin <= 1.2 versions. | |||||
| CVE-2022-38356 | 1 Stylemixthemes | 1 Pearl Header Builder | 2023-05-31 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin <= 1.3.4 versions. | |||||
| CVE-2022-38716 | 1 Stylemixthemes | 1 Motors - Car Dealer\, Classifieds \& Listing | 2023-05-31 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions. | |||||
| CVE-2021-36879 | 1 Stylemixthemes | 1 Ulisting | 2022-10-27 | 7.5 HIGH | 9.8 CRITICAL |
| Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration. | |||||
| CVE-2022-25615 | 1 Stylemixthemes | 1 Eroom - Zoom Meetings \& Webinar | 2022-04-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. | |||||
| CVE-2022-25614 | 1 Stylemixthemes | 1 Eroom - Zoom Meetings \& Webinar | 2022-04-20 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings. | |||||
| CVE-2021-36878 | 1 Stylemixthemes | 1 Ulisting | 2021-10-04 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to update settings. | |||||
| CVE-2021-36876 | 1 Stylemixthemes | 1 Ulisting | 2021-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in WordPress uListing plugin (versions <= 2.0.5) as it lacks CSRF checks on plugin administration pages. | |||||
| CVE-2021-36877 | 1 Stylemixthemes | 1 Ulisting | 2021-10-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in WordPress uListing plugin (versions <= 2.0.5) makes it possible for attackers to modify user roles. | |||||
| CVE-2021-36874 | 1 Stylemixthemes | 1 Ulisting | 2021-10-01 | 6.5 MEDIUM | 8.8 HIGH |
| Authenticated Insecure Direct Object References (IDOR) vulnerability in WordPress uListing plugin (versions <= 2.0.5). | |||||
| CVE-2021-36880 | 1 Stylemixthemes | 1 Ulisting | 2021-10-01 | 7.5 HIGH | 9.8 CRITICAL |
| Unauthenticated SQL Injection (SQLi) vulnerability in WordPress uListing plugin (versions <= 2.0.3), vulnerable parameter: custom. | |||||
| CVE-2021-36875 | 1 Stylemixthemes | 1 Ulisting | 2021-10-01 | 3.5 LOW | 4.8 MEDIUM |
| Authenticated Reflected Cross-Site Scripting (XSS) vulnerability in WordPress uListing plugin (versions <= 2.0.5). Vulnerable parameters: &filter[id], &filter[user], &filter[expired_date], &filter[created_date], &filter[updated_date]. | |||||
| CVE-2019-17228 | 1 Stylemixthemes | 1 Motors - Car Dealer\, Classifieds \& Listing | 2020-02-26 | 6.4 MEDIUM | 6.5 MEDIUM |
| includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes. | |||||
| CVE-2019-17229 | 1 Stylemixthemes | 1 Motors - Car Dealer\, Classifieds \& Listing | 2020-02-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues. | |||||