46 matches found
CVE-2026-27433 WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Motors = 5.6.80 versions...
WordPress Motors – Car Dealership & Classified Listings Plugin plugin <= 1.4.111 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Post Meta Modification vulnerability discovered by Michael Perla vizen5 - clixhouse in WordPress Plugin Motors versions = 1.4.111...
WordPress Motors theme <= 5.6.80 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rafie Muhammad in WordPress Theme Motors versions = 5.6.80...
CVE-2026-54828
WordPress Motors plugin for WordPress, versions <= 1.4.109, has an unauthenticated Broken Access Control vulnerability. Affects Motors plugin core files/components on affected installs; CVSS 3.1 base score 7.5 (High) with network access, low attack complexity, no privileges required, no user i...
CVE-2026-54828 WordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Motors = 1.4.109 versions...
CVE-2026-54812 WordPress Motors plugin <= 1.4.109 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109...
CVE-2026-54812
CVE-2026-54812 describes an SQL Injection in StylemixThemes Motors (WordPress plugin)
WordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by HaiND in WordPress Plugin Motors versions = 1.4.109...
CVE-2026-39515 WordPress Motors plugin < 1.4.107 - Broken Access Control vulnerability
Subscriber Broken Access Control in Motors 1.4.107 versions...
CVE-2026-39515
The WordPress Motors plugin for WordPress, versions prior to 1.4.107, contains a Broken Access Control vulnerability that involves the Subscriber role. The issue enables unauthorized actions due to access control weaknesses in Motors
WordPress Motors – Car Dealership & Classified Listings Plugin plugin <= 1.4.107 - Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
Authenticated Subscriber+ Arbitrary File Deletion vulnerability discovered by Leonid Semenenko lsemenenko in WordPress Plugin Motors versions = 1.4.107...
WordPress Motors – Car Dealership & Classified Listings Plugin plugin <= 1.4.103 - Missing Authorization to Authenticated (Subscriber+) Payment Bypass vulnerability
Missing Authorization to Authenticated Subscriber+ Payment Bypass vulnerability discovered by shrikant bhosale in WordPress Plugin Motors versions = 1.4.103...
WordPress Motors plugin < 1.4.107 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Motors versions 1.4.107...
WordPress Motors - Car Dealer, Classifieds & Listing plugin <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template Creation vulnerability
WordPress Motors - Car Dealer, Classifieds & Listing plugin = 1.4.57 - Missing Authorization to Authenticated Subscriber+ Arbitrary Post Deletion and Listing Template Creation vulnerability discovered by Thanh Nam Tran in WordPress Plugin Motors versions = 1.4.57...
CVE-2025-64374 WordPress Motors theme <= 5.6.81 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in StylemixThemes Motors motors allows Using Malicious Files.This issue affects Motors: from n/a through = 5.6.81...
CVE-2025-64374
CVE-2025-64374 affects the WordPress Motors theme (StylemixThemes Motors) at versions up to and including 5.6.81. The issue is an Unrestricted Upload of File with Dangerous Type vulnerability that could enable attackers to host or execute malicious files. Root cause: improper validation of upload...
CVE-2025-54691 WordPress Motors Plugin plugin <= 1.4.80 - Insecure Direct Object References (IDOR) Vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors motors-car-dealership-classified-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Motors: from n/a through = 1.4.80...
CVE-2025-54691 WordPress Motors Plugin plugin <= 1.4.80 - Insecure Direct Object References (IDOR) Vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Motors: from n/a through 1.4.80...
CVE-2025-47586 WordPress Motors - Events plugin <= 1.4.7 - Unauthenticated Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors - Events stm-motors-events allows PHP Local File Inclusion.This issue affects Motors - Events: from n/a through = 1.4.7...
CVE-2025-47586 WordPress Motors - Events plugin <= 1.4.7 - Unauthenticated Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Motors - Events stm-motors-events allows PHP Local File Inclusion.This issue affects Motors - Events: from n/a through = 1.4.7...