CVE-2025-69317 WordPress CarSpot theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS.This issue affects CarSpot: from n/a through 2.4.6...

CVE-2025-69317 WordPress CarSpot theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in scriptsbundle CarSpot carspot allows Reflected XSS.This issue affects CarSpot: from n/a through 2.4.6...

WordPress CarSpot theme < 2.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme CarSpot versions 2.4.6...

EUVD-2019-6781

Malware in sbrugna...

CVE-2019-15870

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field...

CVE-2024-12860

The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for...

CVE-2024-12860

The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for...

CVE-2024-12860

The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for...

CVE-2024-12860 CarSpot – Dealership Wordpress Classified Theme <= 2.4.3 - Unauthenticated Arbitrary Password Reset/Account Takeover

The CarSpot – Dealership Wordpress Classified Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.4.3. This is due to the plugin not properly validating a token prior to updating a user's password. This makes it possible for...

WordPress CarSpot theme <= 2.4.3 - Unauthenticated Arbitrary Password Reset/Account Takeover vulnerability

Unauthenticated Arbitrary Password Reset/Account Takeover vulnerability discovered by Lucio Sá in WordPress Theme CarSpot versions = 2.4.3...

WordPress CarSpot theme cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.CarSpot theme is a plugin used in one of the car sales website themes. A cross-site scripting vulnerability exists in...

CVE-2019-15870

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field...

CVE-2019-15870

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field...

Cross site scripting

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field...

CVE-2019-15870

CVE-2019-15870 affects the WordPress CarSpot theme prior to 2.1.7. The vulnerability is a stored XSS in the Phone Number field, enabling injected client-side script. Affected: CarSpot WordPress theme versions before 2.1.7 (summary appears in NVD, Red Hat advisories, CNVD, CVE/CVEList entries, and...

CVE-2019-15870

The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Phone Number field...

WordPress CarSpot theme <= 2.1.6 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by QUIXSS in WordPress CarSpot theme versions = 2.1.6. Solution Update the WordPress CarSpot theme to the latest available version at least 2.1.7...

CarSpot Theme <= 2.1.6 - Authenticated Stored XSS

Bad input field data filtering has been discovered in the 'CarSpot – Automotive Car Dealer Wordpress Classified Theme'. Current version of this Premium Theme is 2.1.5. Authorize on the demo website for tests: https://carspot.scriptsbundle.com/, login is [email protected] and passowrd i...