I'm not aware of specific other sites that are broken, but it wouldn't be surprising if there are others since testing only in Chromium browsers seems to be fairly common. Up to now such sites would also be broken in Safari and the prominence of iOS means that often gets tested at least, so current breakage might be small. However, Safari appears to have support for these in their current technical preview so I expect it will get worse next year.
It is easy for a site to create a policy compatible with "old browsers" by making sure
style-src exists and is the union of
style-src-elem. But it's also easy for those to get out of sync as a site is maintained. Rather than cramming both into one really long policy, it's better for sites to actually have two separate
content-security-policy headers, and browsers will enforce both. For example:
Content-security-policy: style-src 'unsafe-inline' <sitelist>
Content-security-policy: style-src-elem <sitelist>; style-src-attr 'unsafe-inline' <sitelist>
For Firefox the second policy is a no-op (unknown directives are ignored), but it's still going to enforce the first. Chrome (and soon Safari) will enforce both but the stricter policy for -elem in the second policy will overrule the weaker first policy.