| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-24391 | WordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability | ThemeMakers | Car Dealer | High | 7.1 | 2026-03-25 16:14:33 | Deep Dive |
| CVE-2019-25534 | Netartmedia PHP Car Dealer SQL Injection via features parameter | Netartmedia | Netartmedia PHP Car Dealer | High | 8.2 | 2026-03-12 15:37:06 | Deep Dive |
| CVE-2025-39480 | WordPress Car Dealer theme < 1.6.8 - PHP Object Injection vulnerability | ThemeMakers | Car Dealer | Critical | 9.8 | 2025-05-23 12:43:56 | Deep Dive |
| CVE-2025-4322 | Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover | StylemixThemes | Motors - Car Dealer, Rental & Listing WordPress theme | Critical | 9.8 | 2025-05-20 05:30:48 | Deep Dive |
| CVE-2024-13738 | Motors - Car Dealer, Rental & Listing WordPress theme <= 5.6.65 - Unauthenticated Arbitrary Shortcode Execution | StylemixThemes | Motors - Car Dealer, Rental & Listing WordPress theme | High | 7.3 | 2025-05-03 02:21:56 | Deep Dive |
| CVE-2025-1687 | Cardealer <= 1.6.4 - Cross-Site Request Forgery to User Update via update_user_profile | ThemeMakers | Car Dealer Automotive WordPress Theme – Responsive | High | 8.8 | 2025-02-27 23:22:40 | Deep Dive |
| CVE-2025-1682 | Cardealer <= 1.6.4 - Arbitrary Theme Option Update to Authenticated (Subscriber+) Privilege Escalation | ThemeMakers | Car Dealer Automotive WordPress Theme – Responsive | High | 8.8 | 2025-02-27 23:22:39 | Deep Dive |
| CVE-2025-1681 | Cardealer <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Change and Delete JS and CSS Files | ThemeMakers | Car Dealer Automotive WordPress Theme – Responsive | Medium | 5.4 | 2025-02-27 23:22:39 | Deep Dive |
| CVE-2025-1282 | Car Dealer Automotive WordPress Theme – Responsive <= 1.6.3 - Authenticated (Subscriber+) Arbitrary File Deletion and Read | ThemeMakers | Car Dealer Automotive WordPress Theme – Responsive | High | 8.8 | 2025-02-27 08:22:04 | Deep Dive |
| CVE-2024-10970 | Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title | stylemix | Motors – Car Dealership & Classified Listings Plugin | Medium | 5.4 | 2025-01-16 01:49:04 | Deep Dive |
| CVE-2024-54298 | WordPress Car Dealer plugin <= 4.46 - Broken Access Control vulnerability | sminozzi | Car Dealer | Medium | 4.3 | 2024-12-13 14:25:11 | Deep Dive |
| CVE-2024-5545 | Motors – Car Dealer, Classifieds & Listing <= 1.4.9 - Missing Authorization | stylemix | Motors – Car Dealership & Classified Listings Plugin | Medium | 5.3 | 2024-07-02 07:37:05 | Deep Dive |
| CVE-2024-4214 | WordPress cardealer plugin <= 4.15 - Content Injection vulnerability | Bill Minozzi | Car Dealer | Low | 2.7 | 2024-05-17 08:45:24 | Deep Dive |
| CVE-2023-46207 | WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Server Side Request Forgery (SSRF) | StylemixThemes | Motors – Car Dealer, Classifieds & Listing | Medium | 4.1 | 2023-11-13 02:51:13 | Deep Dive |
| CVE-2023-46208 | WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS) | StylemixThemes | Motors – Car Dealer, Classifieds & Listing | High | 7.1 | 2023-10-27 20:28:53 | Deep Dive |
| CVE-2022-38716 | WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) | StylemixThemes | Motors – Car Dealer, Classifieds & Listing | Medium | 5.4 | 2023-05-25 10:28:42 | Deep Dive |
| CVE-2022-3879 | Car Dealer < 3.05 - Subscriber+ Arbitrary Plugin Installation | Unknown | Car Dealer (Dealership) and Vehicle sales WordPress Plugin | 中危 | - | 2022-12-12 17:54:53 | Deep Dive |