1598 matches found
Cost Calculator Builder <= 3.2.15 - SQL Injection
The Cost Calculator Builder plugin for WordPress is vulnerable to SQL Injection via discount codes in versions up to, and including, 3.2.15 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
EUVD-2026-43152
The Cost Calculator Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.11 via the template body. This makes it possible for unauthenticated attackers to extract the plaintext Stripe secret key, Razorpay secret key, and PayPal...
CVE-2026-10865
CVE-2026-10865 affects the Cost Calculator Builder plugin for WordPress. The vulnerability exists in all versions up to 4.0.11 and arises from exposure in the template body, allowing unauthenticated attackers to read plaintext payment gateway secrets (Stripe secret key, Razorpay secret key, and P...
CVE-2026-10865 Cost Calculator Builder <= 4.0.11 - Unauthenticated Sensitive Information Exposure of Payment Gateway Secret Keys
The Cost Calculator Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.0.11 via the template body. This makes it possible for unauthenticated attackers to extract the plaintext Stripe secret key, Razorpay secret key, and PayPal...
CVE-2026-57750
Unauthenticated Broken Access Control in ez Form Calculator Premium = 2.14.1.2 versions...
CVE-2026-57750
The CVE-2026-57750 entry concerns the WordPress plugin ez Form Calculator Premium (versions up to and including 2.14.1.2). The vulnerability is described as Unauthenticated Broken Access Control , implying that unauthenticated users can access or manipulate resources they should not be able to. T...
CVE-2026-57750
Unauthenticated Broken Access Control in ez Form Calculator Premium = 2.14.1.2 versions...
CVE-2026-57750 WordPress ez Form Calculator Premium plugin <= 2.14.1.2 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in ez Form Calculator Premium = 2.14.1.2 versions...
WordPress ez Form Calculator Premium plugin <= 2.14.1.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin ez Form Calculator Premium versions = 2.14.1.2...
PT-2026-55038
Name of the Vulnerable Software and Affected Versions ez Form Calculator Premium versions prior to 2.14.1.3 Description The plugin contains a broken access control issue that allows unauthenticated users to bypass authorization restrictions. Recommendations Update to a version newer than 2.14.1.2...
CVE-2026-54847
Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...
CVE-2026-54847
The CVE-2026-54847 entry concerns the WordPress plugin “Stylish Cost Calculator” (versions
CVE-2026-54847 WordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...
EUVD-2026-39684
Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...
WordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by ParkHyunWoo in WordPress Plugin Stylish Cost Calculator versions = 8.3.9...
objdump-dlx-calc-poc
objdump dlx calc poc Small repro for an objdump -g crash-to...
WordPress plugin Global Body Mass Index Calculator 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-52778 YesWiki has Unsafe eval() in Formula Calculator - Remote Code Execution (RCE) & Denial of Service (DoS)
YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator CalcField.php of YesWiki. The application attempts to sanitize user-defined mathematical formulas using a complex recursive regular expression before passin...
WordPress Global Body Mass Index Calculator plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Global Body Mass Index Calculator versions = 1.2...
PT-2026-47441
Name of the Vulnerable Software and Affected Versions YesWiki versions prior to 4.6.6 Description An unsafe execution issue exists in the Bazar form field calculator CalcField.php. The application uses a complex recursive regular expression to sanitize user-defined mathematical formulas before th...