Skip to main content

Cost Calculator

2 CVEs product

Monthly

CVE-2023-0165 MEDIUM POC This Month

The Cost Calculator WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Cost Calculator
NVD WPScan
CVSS 3.1
5.4
EPSS
0.5%
CVE-2023-1155 MEDIUM This Month

The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter in versions up to, and including, 1.8 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Cost Calculator
NVD
CVSS 3.1
6.4
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM POC This Month

The Cost Calculator WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Cost Calculator
NVD WPScan
EPSS 0% CVSS 6.4
MEDIUM This Month

The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter in versions up to, and including, 1.8 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS WordPress Cost Calculator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy