Known Vulnerabilities
CVE-2024-8379
The Cost Calculator Builder WordPress plugin before 3.2.29 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Admin.
HIGH
CVSS 7.2
Published Sep 30, 2024
CVE-2024-43144
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Cost Calculator Builder allows SQL Injection.This issue affects Cost Calculator Builder: from n/a through 3.2.15.
CRITICAL
CVSS 9.3
Published Aug 29, 2024