6 matches found
WordPress Cost Calculator Builder plugin <= 4.0.1 - Unauthenticated Price Manipulation and Insecure Direct Object Reference vulnerability
Unauthenticated Price Manipulation and Insecure Direct Object Reference vulnerability discovered by andrea bocchetti in WordPress Plugin Cost Calculator Builder versions = 4.0.1...
CVE-2025-39587 WordPress Cost Calculator Builder plugin <= 3.2.65 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder allows SQL Injection.This issue affects Cost Calculator Builder: from n/a through = 3.2.65...
WordPress Cost Calculator Builder Pro Plugin <= 3.1.96 is vulnerable to Broken Access Control
Software Cost Calculator Builder Pro Type Plugin Vulnerable versions = 3.1.96 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-6010 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e259d2d9cc39 Credits andrea bocchetti...
WordPress Cost Calculator Builder Plugin <= 3.2.12 is vulnerable to Cross Site Scripting (XSS)
Software Cost Calculator Builder Type Plugin Vulnerable versions = 3.2.12 Fixed in 3.2.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6011 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 19a4b52def1d Credits Guido Iván...
WordPress Cost Calculator Builder Pro Plugin <= 3.1.67 is vulnerable to Cross Site Scripting (XSS)
Software Cost Calculator Builder Pro Type Plugin Vulnerable versions = 3.1.67 Fixed in 3.1.68 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4097 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 99ec603c6f20 Credits andrea...
WordPress Cost Calculator Builder Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Cost Calculator Builder Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID b0d332e53488 Credits Rafie Muhammad Patchstack...