4 matches found
CVE-2025-3437
The Motors – Car Dealership & Classified Listings Plugin for WordPress (CVE-2025-3437) is affected. An unauthorized data modification vulnerability exists due to missing capability checks in ajax_actions.php across all versions up to 1.4.66, allowing authenticated users with Subscriber+ access to...
CVE-2025-3437 Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...
CVE-2025-3437 Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up
The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...
WordPress Motors plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up vulnerability
Missing Authorization to Authenticated Subscriber+ Wizard Set-up vulnerability discovered by Chloe Chamberland in WordPress Plugin Motors versions = 1.4.66...