VYPR

Cost Calculator

by Nicdark

Source repositories

CVEs (4)

  • CVE-2025-54046MedAug 20, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Stored XSS.This issue affects Cost Calculator: from n/a through <= 7.4.

  • CVE-2023-1155MedMar 2, 2023
    risk 0.42cvss 6.4epss 0.00

    The Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the nd_cc_meta_box_cc_price_icon parameter in versions up to, and including, 1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated…

  • CVE-2026-2506MedFeb 26, 2026
    risk 0.40cvss 6.1epss 0.00

    The EM Cost Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to the plugin storing attacker-controlled 'customer_name' data and rendering it in the admin customer list without output escaping. This…

  • CVE-2025-54047MedJul 16, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in QuanticaLabs Cost Calculator ql-cost-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator: from n/a through <= 7.4.