Cost Calculator Builder <= 3.2.15 - SQL Injection

The Cost Calculator Builder plugin for WordPress is vulnerable to SQL Injection via discount codes in versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

objdump-dlx-calc-poc

objdump dlx calc poc Small repro for an objdump -g crash-to...

WordPress plugin Global Body Mass Index Calculator 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Global Body Mass Index Calculator plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Global Body Mass Index Calculator versions = 1.2...

PT-2026-47441

Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.6 Description An unsafe execution issue exists in the Bazar form field calculator CalcField.php. The application uses a complex recursive regular expression to sanitize user-defined mathematical formulas before th...

YesWiki 代码注入漏洞

YesWiki is a wiki system built using PHP, developed by the French organization YesWiki. It is used for creating and managing websites in a collaborative manner. Versions of YesWiki prior to 4.6.6 had a code injection vulnerability; this vulnerability stemmed from an insecure execution flaw in the...

CVE-2025-14755

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference IDOR in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccbwoocommercepayment AJAX...

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

popping a calc bash am start -n com.sec.android.app.popupcalc...

Win32 Calc Shellcode

This is a 14-byte Win32 shellcode that opens calc.exe using a fixed CALL rel32 offset on Windows XP SP 3 English...

Malicious code in http-uploader-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 936024fb65d6ab06a1f01fcd765b534812efb873f076e81303d87c0b141bba2b package.json declares "preinstall": "bun run index.js", which on npm install invokes Bun to run index.js. index.js detects the host OS and shells out...

MAL-2026-4580 Malicious code in http-uploader-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 936024fb65d6ab06a1f01fcd765b534812efb873f076e81303d87c0b141bba2b package.json declares "preinstall": "bun run index.js", which on npm install invokes Bun to run index.js. index.js detects the host OS and shells out...

Malicious code in cache-poisoning-pwn-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dacd21af4f62dd3183bfc4126d1cbcf18600a1c72301b7ae8ca401ec7e44f94e The package's postinstall hook node -e "try require'./dist/postinstall.js'; catche " loads dist/postinstall.js, which bundles a poisoned is-number...

MAL-2026-3751 Malicious code in cache-poisoning-pwn-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dacd21af4f62dd3183bfc4126d1cbcf18600a1c72301b7ae8ca401ec7e44f94e The package's postinstall hook node -e "try require'./dist/postinstall.js'; catche " loads dist/postinstall.js, which bundles a poisoned is-number...

CVE-2025-14755

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference IDOR in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccbwoocommercepayment AJAX...

EUVD-2025-209816

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference IDOR in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccbwoocommercepayment AJAX...

CVE-2025-14755

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference IDOR in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccbwoocommercepayment AJAX...

CVE-2025-14755 Cost Calculator Builder <= 4.0.1 - Unauthenticated Price Manipulation and Insecure Direct Object Reference

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference IDOR in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccbwoocommercepayment AJAX...

CVE-2025-14755

The Cost Calculator Builder plugin for WordPress (

CVE-2025-14755 Cost Calculator Builder <= 4.0.1 - Unauthenticated Price Manipulation and Insecure Direct Object Reference

The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference IDOR in all versions up to, and including, 4.0.1 only when used in combination with Cost Calculator Builder PRO. This is due to the ccbwoocommercepayment AJAX...

WordPress plugin Cost Calculator Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...