CVE Tools

stylemix

Web & CMS Pluginscommercial

23

Cumulative CVEs

2

Monthly snapshots

#64

Peak rank

Top products

motors3 motors – car dealership & classified listings plugin3 cost calculator builder2

Latest CVEs

The 15 most recently published vulnerabilities affecting stylemix.

CVE-2026-42730WordPress MasterStudy LMS plugin <= 3.7.29 - SQL Injection vulnerability8.5May 27, 2026
CVE-2026-3892Motors – Car Dealer, Classifieds & Listing <= 1.4.107 - Authenticated (Subscriber+) Arbitrary File Deletion via 'stm_dealer_logo_path' Parameter8.1May 14, 2026
CVE-2025-14755Cost Calculator Builder <= 4.0.1 - Unauthenticated Price Manipulation and Insecure Direct Object Reference5.3May 13, 2026
CVE-2026-1934Motors – Car Dealership & Classified Listings Plugin <= 1.4.103 - Missing Authorization to Authenticated (Subscriber+) Payment Bypass via 'stm_payment_status' Parameter4.3May 12, 2026
CVE-2026-4817MasterStudy LMS <= 3.7.25 - Authenticated (Subscriber+) Time-based Blind SQL Injection via 'order' and 'orderby' Parameters6.5Apr 17, 2026
CVE-2026-28078WordPress uListing plugin <= 2.2.0 - Arbitrary File Download vulnerability4.9Mar 5, 2026
CVE-2026-28138WordPress uListing plugin <= 2.2.0 - PHP Object Injection vulnerability7.2Feb 26, 2026
CVE-2026-0559MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'stm_lms_courses_grid_display' Shortcode6.4Feb 14, 2026
CVE-2025-14757Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass5.3Jan 16, 2026
CVE-2025-13766MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.7.6 Missing Authorization to Authenticated (Subscriber+) Posts and Media Creation, Modification and Deletion5.4Jan 6, 2026
CVE-2025-12529Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion8.8Dec 2, 2025
CVE-2025-62049WordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerability6.5Nov 6, 2025
CVE-2025-64366WordPress MasterStudy LMS plugin <= 3.6.27 - SQL Injection vulnerability7.6Oct 31, 2025
CVE-2025-59575WordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerability4.9Oct 22, 2025
CVE-2025-10494Motors – Car Dealership & Classified Listings Plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File Deletion8.1Oct 8, 2025