StylemixThemes — Vulnerabilities & Security Advisories 48

Browse all 48 CVE security advisories affecting StylemixThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-37385	WordPress Consulting theme <= 6.5.6 - Local File Inclusion — ConsultingCWE-22	7.3	High	2024-05-17
CVE-2024-4097	Cost Calculator Builder Pro <= 3.1.67 - Unauthenticated Cross-Site Scripting via SVG Upload — Cost Calculator Builder PROCWE-79	7.2	High	2024-05-02
CVE-2023-50852	WordPress BookIt Plugin <= 2.4.3 is vulnerable to SQL Injection — Booking Calendar \| Appointment Booking \| BookItCWE-89	7.6	High	2023-12-28
CVE-2023-46207	WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Server Side Request Forgery (SSRF) — Motors – Car Dealer, Classifieds & ListingCWE-918	4.1	Medium	2023-11-13
CVE-2023-46208	WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS) — Motors – Car Dealer, Classifieds & ListingCWE-79	7.1	High	2023-10-27
CVE-2023-35093	WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Broken Access Control — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-862	6.5	Medium	2023-06-22
CVE-2023-35090	WordPress MasterStudy LMS Plugin <= 3.0.8 is vulnerable to Cross Site Scripting (XSS) — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-79	6.5	Medium	2023-06-22
CVE-2022-45815	WordPress GDPR Compliance & Cookie Consent Plugin <= 1.2 is vulnerable to Cross Site Request Forgery (CSRF) — GDPR Compliance & Cookie ConsentCWE-352	4.3	Medium	2023-05-25
CVE-2022-38716	WordPress Motors – Car Dealer & Classified Ads Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) — Motors – Car Dealer, Classifieds & ListingCWE-352	5.4	Medium	2023-05-25
CVE-2022-38356	WordPress Pearl Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF) — WordPress Header Builder Plugin – PearlCWE-352	5.4	Medium	2023-05-25
CVE-2022-25614	WordPress eRoom plugin <= 1.3.7 - Cross-Site Request Forgery (CSRF) leading to Sync with Zoom Meetings vulnerability — eRoom – Zoom Meetings & Webinar (WordPress plugin)CWE-352	4.3	Medium	2022-04-11
CVE-2022-25615	WordPress eRoom plugin <= 1.3.8 - Cross-Site Request Forgery (CSRF) vulnerability leading to Cache Deletion — eRoom – Zoom Meetings & Webinar (WordPress plugin)CWE-352	4.3	Medium	2022-04-11
CVE-2021-36880	WordPress uListing plugin <= 2.0.3 - Unauthenticated SQL Injection (SQLi) vulnerability — uListing (WordPress plugin)CWE-89	8.6	High	2021-09-27
CVE-2021-36874	WordPress uListing plugin <= 2.0.5 - Authenticated Insecure Direct Object References (IDOR) vulnerability — uListing (WordPress plugin)	7.1	High	2021-09-27
CVE-2021-36877	WordPress uListing plugin <= 2.0.5 - Modify User Roles via Cross-Site Request Forgery (CSRF) vulnerability — uListing (WordPress plugin)CWE-352	4.3	Medium	2021-09-27
CVE-2021-36876	WordPress uListing plugin <= 2.0.5 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities — uListing (WordPress plugin)CWE-352	5.4	Medium	2021-09-27
CVE-2021-36879	WordPress uListing plugin <= 2.0.5 - Unauthenticated Privilege Escalation vulnerability — uListing (WordPress plugin)CWE-264	9.8	Critical	2021-09-27
CVE-2021-36878	WordPress uListing plugin <= 2.0.5 - Settings Update via Cross-Site Request Forgery (CSRF) vulnerability — uListing (WordPress plugin)CWE-352	4.3	Medium	2021-09-27

This page lists every published CVE security advisory associated with StylemixThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

StylemixThemes — Vulnerabilities & Security Advisories 48