Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in ConvertCalculator for WordPress 1.1.1

  • Severity: medium-risk
  • Status: Fixed
  • Publication: December 30, 2024

The ConvertCalculator for WordPress plugin is not safe to use. This is because it has a security issue called Stored Cross-Site Scripting, which can affect versions up to 1.1.1. This happens because the plugin does not properly clean and protect user input, making it possible for attackers with certain levels of access to insert harmful code into pages. This code will then run whenever someone visits the affected page.

Detected in:

ConvertCalculator | Create powerful calculators, quote forms, lead funnels, and more without code fixed vulnerable versions:
ConvertCalculator | Create powerful calculators, quote forms, lead funnels, and more without code right in WordPress. fixed vulnerable versions:
ConvertCalculator for WordPress fixed vulnerable versions: >= * <= 1.1.1
ConvertCalculator: Build Cost, Price, Quotation, ROI Interactive Calculators fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.