Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 9:15 a.m.18 views

CVE-2025-14757

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the completepayment AJAX action being registered via wpajaxnopriv,...

5.3CVSS6.4AI score0.00327EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 8:38 a.m.19 views

CVE-2025-14757

CVE-2025-14757 affects Cost Calculator Builder (WordPress) up to version 3.6.9 when used with Cost Calculator Builder PRO. Root cause: the complete_payment AJAX action is registered via wp_ajax_nopriv, allowing unauthenticated access, and the complete() check only validates a nonce, not user capa...

5.3CVSS6AI score0.00327EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/16 8:38 a.m.5 views

CVE-2025-14757 Cost Calculator Builder <= 3.6.9 - Missing Authorization to Unauthenticated Payment Status Bypass

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the completepayment AJAX action being registered via wpajaxnopriv,...

5.3CVSS6AI score0.00327EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/01/16 8:38 a.m.4 views

CVE-2025-14757

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when used in combination with Cost Calculator Builder PRO. This is due to the completepayment AJAX action being registered via wpajaxnopriv,...

5.3CVSS5.4AI score0.00327EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.6 views

PT-2026-3234

Name of the Vulnerable Software and Affected Versions Cost Calculator Builder plugin for WordPress versions prior to 3.7.0 Description The Cost Calculator Builder plugin for WordPress is susceptible to an unauthenticated payment status bypass. This occurs because the complete payment AJAX action ...

5.3CVSS5.3AI score0.00327EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-27335

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00206EPSS
Exploits0References2
Rows per page
Query Builder