Lucene search
K

23 matches found

Patchstack
Patchstack
added 2026/06/30 1:24 p.m.6 views

WordPress Automotive Car Dealership Business theme <= 13.3.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Automotive Car Dealership Business versions = 13.3.3...

7.1CVSS5.8AI score0.00191EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.10 views

CVE-2026-3892

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to...

8.1CVSS5.6AI score0.00256EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

WordPress Theme Automotive Car Dealership Business 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.9AI score0.00159EPSS
Exploits0References2
Patchstack
Patchstack
added 2026/05/28 5:26 p.m.12 views

WordPress Automotive Car Dealership Business WordPress Theme theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4.1...

6.4CVSS5.8AI score0.00159EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 6:44 a.m.6 views

CVE-2026-3892

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to...

8.1CVSS5.9AI score0.00256EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.8 views

WordPress plugin Motors – Car Dealership & Classified Listings 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

4.3CVSS5.8AI score0.00222EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/28 7:47 a.m.14 views

CVE-2025-14040

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

6.4CVSS6.1AI score0.00269EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/27 12:0 a.m.8 views

WordPress plugin Automotive Car Dealership Business 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.4CVSS5.8AI score0.00269EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.10 views

PT-2026-22306

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

6.4CVSS6AI score0.00269EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/26 11:28 p.m.6 views

WordPress Automotive Car Dealership Business WordPress Theme plugin <= 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Call to Action Fields vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4...

6.4CVSS5.4AI score0.00269EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/09 4:14 a.m.5 views

CVE-2025-10494

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation when deleting profile pictures in all versions up to, and including, 1.4.89. This makes it possible for authenticated attackers, with...

8.1CVSS7.3AI score0.0046EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/08 12:0 a.m.3 views

WordPress plugin Motors – Car Dealership & Classified Listings 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

8.1CVSS7.6AI score0.0046EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/10 9:47 a.m.11 views

CVE-2025-3437

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...

4.3CVSS6.8AI score0.00273EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.4 views

WordPress plugin Motors – Car Dealership & Classified Listings Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

5.4CVSS6AI score0.00196EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.6 views

WordPress plugin Motors – Car Dealership & Classified Listings Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS9.1AI score0.00778EPSS
Exploits1References4
Wired Threat Level
Wired Threat Level
added 2024/07/13 10:30 a.m.9 views

Spyware Users Exposed in Major Data Breach

Plus: The Heritage Foundation gets hacked over Project 2025, a car dealership software provider seems to have paid $25 million to a ransomware gang, and authorities disrupt a Russian bot farm...

7.3AI score
Exploits0
CVE
CVE
added 2024/02/10 8:1 a.m.91 views

CVE-2024-24713

CVE-2024-24713 concerns the WordPress plugin “Auto Listings – Car Listings & Car Dealership” vulnerable to a stored XSS due to improper input neutralization during web page generation. Affected versions are listed as n/a through 2.6.5. The issue is described as Cross-Site Scripting and was public...

6.5CVSS6.7AI score0.0031EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2020/02/25 12:0 a.m.2 views

WordPress motors-car-dealership-classified-listings cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the includes/options.php file in WordPress...

6.1CVSS6.3AI score0.01364EPSS
Exploits1References1
CNVD
CNVD
added 2020/02/25 12:0 a.m.3 views

Unspecified vulnerability in WordPress motors-car-dealership-classified-listings

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the includes/options.php file in WordPress...

6.5CVSS6.6AI score0.01153EPSS
Exploits1References1
NVD
NVD
added 2020/02/24 7:15 p.m.24 views

CVE-2019-17228

includes/options.php in the motors-car-dealership-classified-listings aka Motors - Car Dealer & Classified Ads plugin through 1.4.0 for WordPress allows unauthenticated options changes...

6.5CVSS6.6AI score0.01153EPSS
Exploits1References3
Rows per page
Query Builder