A plugin called Cost Calculator Builder PRO for WordPress has a security issue that affects all versions up to 3.1.96. The problem is that the plugin allows the price to be changed before it is processed using a function called ‘create_cc_order’. This means that anyone can change the price of orders made using the calculator without being logged in. The issue was partly fixed in version 3.2.17 of the plugin.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
© Really Simple Plugins
CoC 70461155
Kalmarweg 14-5
9723 JG, Groningen (NL)
