Skip to main content

Motor

2 CVEs product

Monthly

CVE-2021-24375 CRITICAL POC Act Now

Lack of authentication or validation in motor_load_more, motor_gallery_load_more, motor_quick_view and motor_project_quick_view AJAX handlers of the Motor WordPress theme before 3.1.0 allows an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal PHP Motor
NVD WPScan
CVSS 3.1
9.8
EPSS
2.6%
CVE-2014-7125 MEDIUM This Month

The Motor (aka com.magzter.motorhwpublishing) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Motor
NVD
CVSS 2.0
5.4
EPSS
0.1%
EPSS 3% CVSS 9.8
CRITICAL POC Act Now

Lack of authentication or validation in motor_load_more, motor_gallery_load_more, motor_quick_view and motor_project_quick_view AJAX handlers of the Motor WordPress theme before 3.1.0 allows an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal PHP +1
NVD WPScan
EPSS 0% CVSS 5.4
MEDIUM This Month

The Motor (aka com.magzter.motorhwpublishing) application 3.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Motor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy