Lucene search
K

13 matches found

CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-24391

The connected document identifies a concrete vulnerability: WordPress Car Dealer theme versions ≤ 1.6.7 suffers a reflected Cross-Site Scripting (XSS) vulnerability. The issue is caused by input that is reflected back to the user without proper sanitization, enabling an attacker to run arbitrary ...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.24 views

CVE-2026-24391 WordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeMakers Car Dealer cardealer allows Reflected XSS.This issue affects Car Dealer: from n/a through = 1.6.7...

7.1CVSS0.00175EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/03/23 2:40 p.m.7 views

WordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Car Dealer versions = 1.6.7...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:11 a.m.8 views

CVE-2025-1282

The Car Dealer Automotive WordPress Theme – Responsive theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deletepostphoto and addcar functions in all versions up to, and including, 1.6.3. This makes it possible for authenticated attackers,...

8.8CVSS7.6AI score0.01025EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/23 12:43 p.m.29 views

CVE-2025-39480 WordPress Car Dealer theme < 1.6.8 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeMakers Car Dealer cardealer allows Object Injection.This issue affects Car Dealer: from n/a through 1.6.8...

9.8CVSS0.00503EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/22 11:23 a.m.5 views

WordPress Car Dealer theme <= 1.6.6 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Bonds in WordPress Theme Car Dealer versions = 1.6.6...

9.8CVSS7.2AI score0.00503EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/02/27 11:36 a.m.8 views

WordPress Cardealer theme <= 1.6.4 - Arbitrary Theme Option Update to Authenticated (Subscriber+) Privilege Escalation vulnerability

Arbitrary Theme Option Update to Authenticated Subscriber+ Privilege Escalation vulnerability discovered by István Márton in WordPress Theme Car Dealer versions = 1.6.4...

8.8CVSS7AI score0.00531EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/02/27 11:34 a.m.5 views

WordPress Cardealer theme <= 1.6.4 - Cross-Site Request Forgery to User Update via update_user_profile vulnerability

Cross-Site Request Forgery to User Update via updateuserprofile vulnerability discovered by István Márton in WordPress Theme Car Dealer versions = 1.6.4...

8.8CVSS7AI score0.00262EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2025/02/27 9:15 a.m.4 views

CVE-2025-1282

The Car Dealer Automotive WordPress Theme – Responsive theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deletepostphoto and addcar functions in all versions up to, and including, 1.6.3. This makes it possible for authenticated attackers,...

8.8CVSS7.9AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/02/27 8:22 a.m.6 views

CVE-2025-1282 Car Dealer Automotive WordPress Theme – Responsive <= 1.6.3 - Authenticated (Subscriber+) Arbitrary File Deletion and Read

The Car Dealer Automotive WordPress Theme – Responsive theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deletepostphoto and addcar functions in all versions up to, and including, 1.6.3. This makes it possible for authenticated attackers,...

8.8CVSS8.8AI score0.01025EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/02/26 10:40 p.m.7 views

WordPress Car Dealer theme <= 1.6.3 - Authenticated (Subscriber+) Arbitrary File Deletion and Read vulnerability

Authenticated Subscriber+ Arbitrary File Deletion and Read vulnerability discovered by Tonn in WordPress Theme Car Dealer versions = 1.6.3...

8.8CVSS7AI score0.01025EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/10/15 12:0 a.m.3 views

WordPress ThemeMakers Car Dealer / Auto Dealer Responsive theme Information Disclosure Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.ThemeMakers Car Dealer / Auto Dealer Responsive theme is one of the car sales website theme plugins used in it. WordPress...

7.5CVSS6.1AI score0.03065EPSS
Exploits1References1
Patchstack
Patchstack
added 2015/05/27 12:0 a.m.9 views

WordPress Car Dealer Theme - Information Disclosure

Because of this vulnerability, the attackers can obtain sensitive information. Solution Update the theme...

2.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder