VYPR

Wp Cost Estimation Payment Forms Builder

by WordPress

CVEs (3)

  • CVE-2024-30489HigMar 31, 2024
    risk 0.55cvss 8.5epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Cost Estimation & Payment Forms Builder.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through 10.1.75.

  • CVE-2026-24363HigMar 25, 2026
    risk 0.49cvss 7.5epss 0.00

    Missing Authorization vulnerability in loopus WP Cost Estimation & Payment Forms Builder WP_Estimation_Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Cost Estimation & Payment Forms Builder: from n/a through < 10.3.0.

  • CVE-2019-25295MedJan 8, 2026
    risk 0.42cvss 6.5epss 0.01

    The WP Cost Estimation plugin for WordPress is vulnerable to Upload Directory Traversal in versions before 9.660 via the uploadFormFiles function. This allows attackers to overwrite any file with a whitelisted type on an affected site.