The plugin called “The Motors – Car Dealer, Classifieds & Listing” for WordPress has a security issue where people who are not authorized can change the data. This is because there is a feature missing in the stm_edit_delete_user_car function in all versions up to 1.4.8. This means that people who are not logged in can take down any posts or pages they want.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
