CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

RedhatCVE•added 2026/03/26 5:1 p.m.•2 views

CVE-2026-24363

Missing Authorization vulnerability in loopus WP Cost Estimation & Payment Forms Builder WPEstimationForm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.3.0...

7.5CVSS5.8AI score0.00047EPSS

Exploits0References1

NVD•added 2026/03/25 5:16 p.m.•1 views

CVE-2026-24363

7.5CVSS0.00047EPSS

Exploits0References1

CVE•added 2026/03/25 4:14 p.m.•4 views

CVE-2026-24363

CVE-2026-24363 is tied to the WordPress plugin WP Cost Estimation & Payment Forms Builder (component: WP_Estimation_Form). The vulnerability arises from incorrectly configured access control security levels in the form component, effectively causing a Missing Authorization/Broken Access Control i...

7.5CVSS5.8AI score0.00047EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 4:14 p.m.•0 views

CVE-2026-24363 WordPress WP Cost Estimation & Payment Forms Builder plugin < 10.3.0 - Broken Access Control vulnerability

7.5CVSS5.8AI score0.00047EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•20 views

CVE-2026-24363 WordPress WP Cost Estimation & Payment Forms Builder plugin < 10.3.0 - Broken Access Control vulnerability

7.5CVSS0.00047EPSS

Exploits0References1

CNNVD•added 2026/03/25 12:0 a.m.•3 views

WordPress plugin WP Cost Estimation & Payment Forms Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

7.5CVSS5.8AI score0.00047EPSS

Exploits0References1

Positive Technologies•added 2026/03/25 12:0 a.m.•3 views

PT-2026-27850

Name of the Vulnerable Software and Affected Versions loopus WP Cost Estimation & Payment Forms Builder versions prior to 10.3.0 Description An authorization issue exists in loopus WP Cost Estimation & Payment Forms Builder’s WP Estimation Form component. The issue stems from incorrectly configur...

7.5CVSS5.9AI score0.00047EPSS

Exploits0References3

Patchstack•added 2026/03/23 2:47 p.m.•2 views

WordPress WP Cost Estimation & Payment Forms Builder plugin < 10.3.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin WP Cost Estimation & Payment Forms Builder versions 10.3.0...

7.5CVSS5.8AI score0.00047EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/01/09 9:9 a.m.•2 views

CVE-2019-25295

The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in versions before 9.660 via the uploadFormFiles function. This allows attackers to overwrite any file with a whitelisted type on an affected site...

6.5CVSS6.5AI score0.00564EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:38 a.m.•1 views

CVE-2019-25296

The WP Cost Estimation plugin for WordPress is vulnerable to arbitrary file uploads and deletion due to missing file type validation in the lfbuploadform and lfbremoveFile AJAX actions in versions up to, and including, 9.642. This makes it possible for unauthenticated attackers to upload arbitrar...

9.8CVSS7.6AI score0.00366EPSS

Exploits0References1

NVD•added 2026/01/08 3:15 a.m.•3 views

CVE-2019-25296

9.8CVSS0.00366EPSS

Exploits0References5

EUVD•added 2026/01/08 2:21 a.m.•1 views

EUVD-2026-1596

9.8CVSS7.1AI score0.00366EPSS

Exploits0References9

Cvelist•added 2026/01/08 2:21 a.m.•27 views

CVE-2019-25296 WP Cost Estimation <= 9.642 - Missing Authorization to Arbitrary File Upload/Delete

9.8CVSS0.00366EPSS

Exploits0References5

EUVD•added 2026/01/08 1:50 a.m.•2 views

EUVD-2026-1597

6.5CVSS6AI score0.00564EPSS

Exploits0References5

Vulnrichment•added 2026/01/08 1:50 a.m.•2 views

CVE-2019-25295 WP Cost Estimation < 9.660 - Upload Directory Traversal

6.5CVSS6.1AI score0.00564EPSS

Exploits0References3

CVE•added 2026/01/08 1:50 a.m.•4 views

CVE-2019-25295

CVE-2019-25295 affects the WP Cost Estimation plugin for WordPress. Versions prior to 9.660 are vulnerable to a directory traversal in the uploadFormFiles function, allowing an attacker to overwrite any file with a whitelisted type on the site. This results in potential partial impact to integrit...

6.5CVSS6.1AI score0.00564EPSS

Exploits0References3

Cvelist•added 2026/01/08 1:50 a.m.•25 views

CVE-2019-25295 WP Cost Estimation < 9.660 - Upload Directory Traversal

6.5CVSS0.00564EPSS

Exploits0References3

CNNVD•added 2026/01/08 12:0 a.m.•1 views

WordPress plugin WP Cost Estimation 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

9.8CVSS6.7AI score0.00366EPSS

Exploits0References5

CNNVD•added 2026/01/08 12:0 a.m.•2 views

WordPress plugin WP Cost Estimation 路径遍历漏洞

6.5CVSS6.9AI score0.00564EPSS

Exploits0References3

Positive Technologies•added 2026/01/08 12:0 a.m.•2 views

PT-2026-1684

Name of the Vulnerable Software and Affected Versions WP Cost Estimation versions prior to 9.660 Description The WP Cost Estimation plugin for WordPress is susceptible to a directory traversal issue in versions before 9.660. This flaw resides within the uploadFormFiles function and permits...

6.5CVSS6.4AI score0.00564EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by