VYPR

Mortgage Calculators Wp

by WordPress

CVEs (2)

  • CVE-2024-32581MedApr 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56.

  • CVE-2021-24904MedFeb 14, 2022
    risk 0.35cvss 4.8epss 0.05

    The Mortgage Calculators WP WordPress plugin before 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is…