Pricing
Case studies
Login
Start trial
Motors
Stylemix
Developer
1.4.113
Latest version
9,000
Installations
No date
Last updated
WordPress Plugin
Active VDP
Report vulnerability
Vulnerabilities
Security Policy
Security Contributors
Vulnerability history
0 present
23 patched
12 Mitigation rules
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification vulnerability
<= 1.4.111
30/06/2026
Unauthenticated Post-Meta Write via stm_ajax_add_a_car_media vulnerability
< 1.4.110
22/06/2026
Broken Access Control vulnerability
<= 1.4.109
17/06/2026
Local File Inclusion vulnerability
<= 1.4.109
17/06/2026
SQL Injection vulnerability
<= 1.4.109
17/06/2026
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
<= 1.4.107
14/05/2026
Missing Authorization to Authenticated (Subscriber+) Payment Bypass vulnerability
<= 1.4.103
11/05/2026
Broken Access Control vulnerability
< 1.4.107
21/04/2026
WordPress Motors - Car Dealer, Classifieds & Listing plugin <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template Creation vulnerability
<= 1.4.57
31/12/2025
Authenticated (Subscriber+) Arbitrary File Deletion vulnerability
<= 1.4.89
07/10/2025
Insecure Direct Object References (IDOR) Vulnerability
<= 1.4.80
30/07/2025
Local File Inclusion vulnerability
<= 1.4.71
09/04/2025
Missing Authorization to Authenticated (Subscriber+) Wizard Set-up vulnerability
<= 1.4.66
07/04/2025
Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation vulnerability
<= 1.4.64
07/04/2025
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
<= 1.4.63
07/04/2025
Cross Site Scripting (XSS) vulnerability
<= 1.4.71
04/04/2025
Local File Inclusion vulnerability
<= 1.4.71
04/04/2025
Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title vulnerability
<= 1.4.43
15/01/2025
Missing Authorization vulnerability
<= 1.4.9
02/07/2024
Reflected Cross Site Scripting (XSS) vulnerability
<= 1.4.6
19/10/2023
Server Side Request Forgery (SSRF) vulnerability
<= 1.4.6
19/10/2023
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
<= 1.4.4
19/04/2023
Multiple security issues
<= 1.4.0
23/09/2019