Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

stylemix — Vulnerabilities & Security Advisories 64

Browse all 64 CVE security advisories affecting stylemix. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products stylemix:Directory Listings WordPress plugin – uListingCost Calculator BuilderMasterStudy LMS WordPress Plugin – for Online Courses and EducationMasterStudy LMSMotors – Car Dealership & Classified Listings PluginuListingMotorsPearl – Header BuilderPearl
CVE IDTitleCVSSSeverityPaused
CVE-2026-4817 MasterStudy LMS <= 3.7.25 - Authenticated (Subscriber+) Time-based Blind SQL Injection via 'order' and 'orderby' Parameters — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-89 6.5 Medium2026-04-17
CVE-2026-28078 WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability — uListingCWE-22 7.5 -2026-03-05
CVE-2026-28138 WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability — uListingCWE-502 9.8AICriticalAI2026-02-26
CVE-2026-0559 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'stm_lms_courses_grid_display' Shortcode — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-79 6.4 Medium2026-02-14
CVE-2025-14757 Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass — Cost Calculator BuilderCWE-862 5.3 Medium2026-01-16
CVE-2025-13766 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.6 Missing Authorization to Authenticated (Subscriber+) Posts and Media Creation, Modification and Deletion — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-862 5.4 Medium2026-01-06
CVE-2025-12529 Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion — Cost Calculator BuilderCWE-73 8.8 High2025-12-02
CVE-2025-62049 WordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerability — Cost Calculator BuilderCWE-862 6.5 Medium2025-11-06
CVE-2025-64366 WordPress MasterStudy LMS plugin <= 3.6.27 - SQL Injection vulnerability — MasterStudy LMSCWE-89 7.6 High2025-10-31
CVE-2025-59575 WordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerability — MasterStudy LMSCWE-497 6.5AIMediumAI2025-10-22
CVE-2025-10494 Motors – Car Dealership & Classified Listings Plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion — Motors – Car Dealership & Classified Listings PluginCWE-73 8.1 High2025-10-08
CVE-2025-9243 Cost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status Functions — Cost Calculator BuilderCWE-862 8.1 High2025-10-04
CVE-2025-59576 WordPress MasterStudy LMS Plugin <= 3.6.20 - Broken Access Control Vulnerability — MasterStudy LMSCWE-862 6.5 Medium2025-09-22
CVE-2025-59577 WordPress MasterStudy LMS Plugin <= 3.6.20 - Race Condition Vulnerability — MasterStudy LMSCWE-362 4.3 Medium2025-09-22
CVE-2025-54744 WordPress MasterStudy LMS plugin <= 3.6.15 - Broken Access Control vulnerability — MasterStudy LMSCWE-862 6.5 Medium2025-09-05
CVE-2025-54691 WordPress Motors Plugin plugin <= 1.4.80 - Insecure Direct Object References (IDOR) Vulnerability — MotorsCWE-639 5.3 Medium2025-08-14
CVE-2025-48277 WordPress Cost Calculator Builder plugin <= 3.2.74 - Cross Site Scripting (XSS) Vulnerability — Cost Calculator BuilderCWE-79 5.9 Medium2025-05-19
CVE-2025-32662 WordPress uListing plugin <= 2.2.0 - Deserialization of untrusted data vulnerability — uListingCWE-502 8.8 High2025-04-17
CVE-2025-39587 WordPress Cost Calculator Builder plugin <= 3.2.65 - SQL Injection Vulnerability — Cost Calculator BuilderCWE-89 9.3 Critical2025-04-17
CVE-2025-2128 Cost Calculator Builder <= 3.2.67 - Authenticated (Subscriber+) SQL Injection via order_ids Parameter — Cost Calculator BuilderCWE-89 6.5 Medium2025-04-11
CVE-2025-32654 WordPress Motors plugin <= 1.4.71 - Local File Inclusion vulnerability — MotorsCWE-98 8.1 High2025-04-11
CVE-2025-3437 Motors – Car Dealership & Classified Listings Plugin <= 1.4.66 - Missing Authorization to Authenticated (Subscriber+) Wizard Set-up — Motors – Car Dealership & Classified Listings PluginCWE-862 4.3 Medium2025-04-08
CVE-2025-2808 Motors – Car Dealership & Classified Listings Plugin <= 1.4.63 - Authenticated (Subscriber+) Stored Cross-Site Scripting — Motors – Car Dealership & Classified Listings PluginCWE-79 5.4 Medium2025-04-08
CVE-2025-2807 Motors – Car Dealership & Classified Listings Plugin <= 1.4.64 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation — Motors – Car Dealership & Classified Listings PluginCWE-862 8.8 High2025-04-08
CVE-2025-32237 WordPress MasterStudy LMS plugin <= 3.5.28 - Broken Access Control vulnerability — MasterStudy LMSCWE-862 4.3 Medium2025-04-04
CVE-2025-32170 WordPress Motors plugin <= 1.4.71 - Cross Site Scripting (XSS) vulnerability — MotorsCWE-79 6.5 Medium2025-04-04
CVE-2025-32142 WordPress Motors plugin <= 1.4.71 - Local File Inclusion vulnerability — MotorsCWE-98 8.8 High2025-04-04
CVE-2025-32141 WordPress MasterStudy LMS plugin <= 3.5.28 - Local File Inclusion vulnerability — MasterStudy LMSCWE-98 8.8 High2025-04-04
CVE-2025-32122 WordPress uListing plugin <= 2.2.0 - SQL Injection vulnerability — uListingCWE-89 7.6 High2025-04-04
CVE-2025-31880 WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability — PearlCWE-352 4.3 Medium2025-04-01

This page lists every published CVE security advisory associated with stylemix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.