Lucene search

Motors - Car Dealer, Classifieds & Listing Security Vulnerabilities

cve

CVE-2019-17228

includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes.

6.5CVSS

6.6AI Score

0.002EPSS

2020-02-24 07:15 PM

cve

CVE-2019-17229

includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues.

6.1CVSS

6AI Score

0.001EPSS

2020-02-24 07:15 PM

cve

CVE-2022-38716

Cross-Site Request Forgery (CSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.4 versions.

8.8CVSS

8.8AI Score

0.001EPSS

2023-05-25 11:15 AM

cve

CVE-2022-3989

The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types (such as .php) in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the uplo...

8.8CVSS

8.7AI Score

0.001EPSS

2022-12-12 06:15 PM

cve

CVE-2023-46207

Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing.This issue affects Motors – Car Dealer, Classifieds & Listing: from n/a through 1.4.6.

7.5CVSS

7.7AI Score

0.001EPSS

2023-11-13 03:15 AM

cve

CVE-2023-46208

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in StylemixThemes Motors – Car Dealer, Classifieds & Listing plugin <= 1.4.6 versions.

7.1CVSS

6AI Score

0.0005EPSS

2023-10-27 09:15 PM