Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

stylemix — Vulnerabilities & Security Advisories 64

Browse all 64 CVE security advisories affecting stylemix. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products stylemix:Directory Listings WordPress plugin – uListingCost Calculator BuilderMasterStudy LMS WordPress Plugin – for Online Courses and EducationMasterStudy LMSMotors – Car Dealership & Classified Listings PluginuListingMotorsPearl – Header BuilderPearl
CVE IDTitleCVSSSeverityPaused
CVE-2025-31880 WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability — PearlCWE-352 4.3 Medium2025-04-01
CVE-2025-31414 WordPress Cost Calculator Builder plugin <= 3.2.65 - Cross Site Scripting (XSS) vulnerability — Cost Calculator BuilderCWE-79 6.5 Medium2025-03-31
CVE-2024-13737 Motors – Car Dealer, Classifieds & Listing <= 1.4.57 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion and Listing Template Creation — Motors – Car Dealership & Classified Listings PluginCWE-862 4.3 Medium2025-03-22
CVE-2025-1653 Directory Listings WordPress plugin – uListing <= 2.2.0 - Authenticated (Subscriber+) Privilege Escalation — Directory Listings WordPress plugin – uListingCWE-266 8.8 High2025-03-15
CVE-2025-1657 Directory Listings WordPress plugin – uListing <= 2.2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injection — Directory Listings WordPress plugin – uListingCWE-862 8.8 High2025-03-15
CVE-2025-25150 WordPress uListing plugin <= 2.1.6 - SQL Injection vulnerability — uListingCWE-89 9.3 Critical2025-03-03
CVE-2025-25151 WordPress uListing Plugin <= 2.1.6 - SQL Injection vulnerability — uListingCWE-89 8.5 High2025-02-07
CVE-2024-10970 Motors – Car Dealer, Classifieds & Listing <= 1.4.43 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via Custom Title — Motors – Car Dealership & Classified Listings PluginCWE-94 5.4 Medium2025-01-16
CVE-2024-12206 Wordpress Header Builder Plugin <= 1.3.8 - Cross-Site Request Forgery to Header Deletion — Pearl – Header BuilderCWE-352 4.3 Medium2025-01-09
CVE-2024-37093 WordPress MasterStudy LMS plugin <= 3.2.1 - Cross Site Request Forgery (CSRF) vulnerability — MasterStudy LMSCWE-352 4.3 Medium2025-01-02
CVE-2023-40011 WordPress Cost Calculator Builder plugin <= 3.1.42 - Broken Access Control vulnerability — Cost Calculator BuilderCWE-862 5.4 Medium2024-12-13
CVE-2024-47344 WordPress uListing plugin <= 2.1.5 - Sensitive Data Exposure vulnerability — uListingCWE-200 5.3 Medium2024-10-07
CVE-2024-6011 Cost Calculator Builder <= 3.2.12 - Authenticated (Administrator+) Stored Cross-Site Scripting — Cost Calculator BuilderCWE-79 4.4 Medium2024-07-02
CVE-2024-6012 Cost Calculator Builder <= 3.2.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Creation — Cost Calculator BuilderCWE-862 4.3 Medium2024-07-02
CVE-2024-5545 Motors – Car Dealer, Classifieds & Listing <= 1.4.9 - Missing Authorization — Motors – Car Dealership & Classified Listings PluginCWE-862 5.3 Medium2024-07-02
CVE-2024-5468 WordPress Header Builder Plugin – Pearl <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion — Pearl – Header BuilderCWE-862 6.5 Medium2024-06-12
CVE-2024-4000 WordPress Header Builder Plugin – Pearl <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Pearl – Header BuilderCWE-79 6.4 Medium2024-05-02
CVE-2024-3942 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.3.8 - Missing Authorization — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-862 6.3 Medium2024-05-02
CVE-2024-3136 MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-98 9.8 Critical2024-04-09
CVE-2024-1904 MasterStudy LMS <= 3.2.13 - Missing Authorization to Sensitive Information Exposure in search_posts — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-862 4.3 Medium2024-04-09
CVE-2024-2411 MasterStudy LMS <= 3.3.0 - Unauthenticated Local File Inclusion via modal — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-98 9.8 Critical2024-03-29
CVE-2024-2409 MasterStudy LMS <= 3.3.1 - Unauthenticated Privilege Escalation via stm_lms_register AJAX Action — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-266 9.8 Critical2024-03-29
CVE-2024-2106 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.10 - Basic Information Exposure via REST route — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-200 5.3 Medium2024-03-13
CVE-2024-1512 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.5 - Unauthenticated SQL Injection — MasterStudy LMS WordPress Plugin – for Online Courses and EducationCWE-89 9.8 Critical2024-02-17
CVE-2021-4381 uListing <= 1.6.6 - Unauthenticated Options Changes via wp_route — Directory Listings WordPress plugin – uListingCWE-862 9.8 Critical2023-06-07
CVE-2021-4370 uListing <= 1.6.6 - Missing Authorization — Directory Listings WordPress plugin – uListingCWE-862 9.8 Critical2023-06-07
CVE-2021-4357 uListing <= 1.6.6 - Unauthenticated Arbitrary Post/Page Deletion — Directory Listings WordPress plugin – uListingCWE-862 9.1 Critical2023-06-07
CVE-2021-4345 uListing <= 1.6.6 - Unauthenticated Arbitrary Roles and Capabilities Creation/Deletion — Directory Listings WordPress plugin – uListingCWE-862 6.5 Medium2023-06-07
CVE-2021-4346 uListing <= 1.6.6 - Unauthenticated Arbitrary Account Changes — Directory Listings WordPress plugin – uListingCWE-862 9.8 Critical2023-06-07
CVE-2021-4343 uListing <= 1.6.6 - Unauthenticated Arbitrary Account Creation — Directory Listings WordPress plugin – uListingCWE-862 9.8 Critical2023-06-07

This page lists every published CVE security advisory associated with stylemix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.