CVE-2026-3892

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to...

WordPress Theme Automotive Car Dealership Business 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Automotive Car Dealership Business WordPress Theme theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4.1...

CVE-2026-3892

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.4.107. This is due to insufficient file path validation in the become-dealer logo upload flow. The plugin allows any authenticated user to...

WordPress plugin Motors – Car Dealership & Classified Listings 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

CVE-2025-14040

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

PT-2026-22306

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...

WordPress plugin Automotive Car Dealership Business 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Automotive Car Dealership Business WordPress Theme plugin <= 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Call to Action Fields vulnerability discovered by Mateusz Gierblinski in WordPress Theme Automotive Car Dealership Business versions = 13.4...

700Credit Data Breach Impacts Millions of Car Owners

US auto loan service 700Credit confirms a data breach exposed names, addresses, and Social Security numbers of dealership customers. Free credit monitoring is offered...

CVE-2025-10494

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation when deleting profile pictures in all versions up to, and including, 1.4.89. This makes it possible for authenticated attackers, with...

WordPress plugin Motors – Car Dealership & Classified Listings 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...

CVE-2025-3437

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in the ajaxactions.php file in all versions up to, and including, 1.4.66. This makes it possible for authenticate...

WordPress plugin Motors – Car Dealership & Classified Listings Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Motors – Car Dealership & Classified Listings Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

Cicada3301 Ransomware Claims Attack on French Peugeot Dealership

SUMMARY Cicada3301, a ransomware group, has claimed responsibility for a data breach targeting Concession Peugeot concessions.peugeot.fr, a prominent…...

Spyware Users Exposed in Major Data Breach

Plus: The Heritage Foundation gets hacked over Project 2025, a car dealership software provider seems to have paid $25 million to a ransomware gang, and authorities disrupt a Russian bot farm...

CVE-2024-24713

CVE-2024-24713 concerns the WordPress plugin “Auto Listings – Car Listings & Car Dealership” vulnerable to a stored XSS due to improper input neutralization during web page generation. Affected versions are listed as n/a through 2.6.5. The issue is described as Cross-Site Scripting and was public...

kia.dealertyres.co.uk Cross Site Scripting vulnerability OBB-3552768

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

TikTok car theft challenge: Hyundai, Kia fix flaw

Car manufacturer Hyundai, and its subsidiary Kia, began rolling out a free software update on February 14, 2023, to address a flaw in their anti-theft software, which was highlighted in a social media challenge. The release of the update came nine months after an uptick in car theft of the affect...