Lucene search
K

364 matches found

Nuclei
Nuclei
added 8 hours ago10 views

Motors Car Dealer & Classified Ads <= 1.4.0 - Unauthenticated settings import/export

includes/options.php in the motors-car-dealership-classified-listings aka Motors - Car Dealer & Classified Ads plugin through 1.4.0 for WordPress allows unauthenticated options changes. id: CVE-2019-17228 info: name: Motors Car Dealer & Classified Ads = 1.4.0 - Unauthenticated settings...

6.5CVSS6.6AI score0.01153EPSS
Exploits1References4
Nuclei
Nuclei
added 8 hours ago88 views

Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to chan...

9.8CVSS7.5AI score0.18241EPSS
Exploits3References4
NVD
NVD
added 6 days ago4 views

CVE-2026-27433

Unauthenticated Broken Access Control in Motors = 5.6.80 versions...

6.5CVSS0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-27433 WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Motors = 5.6.80 versions...

6.5CVSS0.00253EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-41337

Unauthenticated Broken Access Control in Motors = 5.6.80 versions...

6.5CVSS5.8AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 6 days ago11 views

CVE-2026-27433

The CVE concerns the WordPress Motors theme (

6.5CVSS5.8AI score0.00253EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/30 7:4 p.m.5 views

WordPress Motors – Car Dealership & Classified Listings Plugin plugin <= 1.4.111 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Post Meta Modification vulnerability discovered by Michael Perla vizen5 - clixhouse in WordPress Plugin Motors versions = 1.4.111...

4.3CVSS5.8AI score0.00232EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/06/30 1:2 p.m.5 views

WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad in WordPress Theme Motors versions = 5.6.80...

6.5CVSS5.8AI score0.00253EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/06/25 1:12 p.m.7 views

EUVD-2026-39366

Unauthenticated Broken Access Control in Motors = 1.4.109 versions...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:12 p.m.16 views

CVE-2026-54828

WordPress Motors plugin for WordPress, versions &lt;= 1.4.109, has an unauthenticated Broken Access Control vulnerability. Affects Motors plugin core files/components on affected installs; CVSS 3.1 base score 7.5 (High) with network access, low attack complexity, no privileges required, no user i...

7.5CVSS5.8AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 1:12 p.m.27 views

CVE-2026-54828 WordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerability

Unauthenticated Broken Access Control in Motors = 1.4.109 versions...

7.5CVSS0.00238EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/22 8:45 a.m.10 views

WordPress Motors Car Dealership & Classified Listings plugin < 1.4.110 - Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media vulnerability

Unauthenticated Post-Meta Write via stmajaxaddacarmedia vulnerability discovered by Mustafa Ahmed in WordPress Plugin Motors versions 1.4.110...

5.3CVSS5.8AI score0.00117EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/22 6:0 a.m.32 views

CVE-2026-7859 Motors Car Dealership & Classified Listings < 1.4.110 - Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media

The Motors WordPress plugin before 1.4.110 does not have proper authorisation and CSRF checks on one of its AJAX actions, allowing unauthenticated attackers to modify arbitrary post metadata, such as the gallery, featured image and, on WooCommerce sites, product prices...

0.00117EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 6:0 a.m.5 views

CVE-2026-7859

The Motors WordPress plugin before 1.4.110 does not have proper authorisation and CSRF checks on one of its AJAX actions, allowing unauthenticated attackers to modify arbitrary post metadata, such as the gallery, featured image and, on WooCommerce sites, product prices...

5.3CVSS6AI score0.00117EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 3:17 p.m.11 views

CVE-2026-54812

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/17 2:24 p.m.31 views

CVE-2026-54812 WordPress Motors plugin <= 1.4.109 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS0.00291EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/17 2:24 p.m.9 views

EUVD-2026-37727

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...

9.3CVSS5.6AI score0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 2:24 p.m.14 views

CVE-2026-54812

CVE-2026-54812 describes an SQL Injection in StylemixThemes Motors (WordPress plugin)

9.3CVSS5.6AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 2:17 p.m.11 views

CVE-2026-54814

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors allows PHP Local File Inclusion. This issue affects Motors: from n/a through 1.4.109...

8.1CVSS0.00337EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/17 1:59 p.m.8 views

WordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by HaiND in WordPress Plugin Motors versions = 1.4.109...

7.5CVSS5.8AI score0.00238EPSS
Exploits0Affected Software1
Rows per page
Query Builder