Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

stylemix — Vulnerabilities & Security Advisories 66

Browse all 66 CVE security advisories affecting stylemix. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Stylemix operates as a digital asset management and theme development platform, primarily serving web designers and content creators who require robust tools for managing media libraries and deploying WordPress themes. Security audits reveal a concerning history of vulnerabilities, with sixty-three Common Vulnerabilities and Exposures (CVEs) currently documented. These flaws predominantly involve cross-site scripting (XSS) and remote code execution (RCE), often stemming from insufficient input validation and improper access controls. Privilege escalation remains a significant risk, allowing unauthorized users to manipulate system functions or access restricted data. While specific major incidents involving widespread exploitation are not widely publicized, the high volume of disclosed CVEs indicates persistent weaknesses in the software’s security architecture. Developers and administrators are advised to prioritize immediate patching and rigorous security testing to mitigate these known risks and protect associated web infrastructure from potential compromise.

Found 11 results / 66Clear Filters
Top products by stylemix: Directory Listings WordPress plugin – uListing Cost Calculator Builder MasterStudy LMS WordPress Plugin – for Online Courses and Education Motors – Car Dealership & Classified Listings Plugin MasterStudy LMS uListing Motors Pearl – Header Builder Pearl
CVE IDTitleCVSSSeverityPublished
CVE-2025-14755 Cost Calculator Builder <= 4.0.1 - Unauthenticated Price Manipulation and Insecure Direct Object Reference — Cost Calculator BuilderCWE-862 5.3 Medium2026-05-13
CVE-2025-14757 Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass — Cost Calculator BuilderCWE-862 5.3 Medium2026-01-16
CVE-2025-12529 Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion — Cost Calculator BuilderCWE-73 8.8 High2025-12-02
CVE-2025-62049 WordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerability — Cost Calculator BuilderCWE-862 6.5 Medium2025-11-06
CVE-2025-9243 Cost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status Functions — Cost Calculator BuilderCWE-862 8.1 High2025-10-04
CVE-2025-48277 WordPress Cost Calculator Builder plugin <= 3.2.74 - Cross Site Scripting (XSS) Vulnerability — Cost Calculator BuilderCWE-79 5.9 Medium2025-05-19
CVE-2025-39587 WordPress Cost Calculator Builder plugin <= 3.2.65 - SQL Injection Vulnerability — Cost Calculator BuilderCWE-89 9.3 Critical2025-04-17
CVE-2025-2128 Cost Calculator Builder <= 3.2.67 - Authenticated (Subscriber+) SQL Injection via order_ids Parameter — Cost Calculator BuilderCWE-89 6.5 Medium2025-04-11
CVE-2025-31414 WordPress Cost Calculator Builder plugin <= 3.2.65 - Cross Site Scripting (XSS) vulnerability — Cost Calculator BuilderCWE-79 6.5 Medium2025-03-31
CVE-2024-6012 Cost Calculator Builder <= 3.2.12 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Content Creation — Cost Calculator BuilderCWE-862 4.3 Medium2024-07-02
CVE-2024-6011 Cost Calculator Builder <= 3.2.12 - Authenticated (Administrator+) Stored Cross-Site Scripting — Cost Calculator BuilderCWE-79 4.4 Medium2024-07-02

This page lists every published CVE security advisory associated with stylemix. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.