Lucene search
K

4 matches found

CVE
CVE
added 2025/04/08 9:21 a.m.71 views

CVE-2025-3437

The Motors – Car Dealership & Classified Listings Plugin for WordPress (CVE-2025-3437) is affected. An unauthorized data modification vulnerability exists due to missing capability checks in ajax_actions.php across all versions up to 1.4.66, allowing authenticated users with Subscriber+ access to...

4.3CVSS7AI score0.00293EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2025/04/08 9:21 a.m.21 views

CVE-2025-3437 Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...

4.3CVSS0.00293EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/08 9:21 a.m.7 views

CVE-2025-3437 Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...

4.3CVSS7AI score0.00293EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/04/07 9:59 p.m.7 views

WordPress Motors plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up vulnerability

Missing Authorization to Authenticated Subscriber+ Wizard Set-up vulnerability discovered by Chloe Chamberland in WordPress Plugin Motors versions = 1.4.66...

4.3CVSS8.3AI score0.00293EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder