CVE-2025-12529 Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject arbitrary file paths int...

CVE-2025-12529 Cost Calculator Builder <= 3.6.3 - Unauthenticated Arbitrary File Deletion

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles function in all versions up to, and including, 3.6.3. This makes it possible for unauthenticated attackers to inject arbitrary file paths int...

CVE-2021-36454

Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...