Cost Calculator Builder
Approved changes feed: RSS · Atom
cpe:2.3:a:stylemix:cost_calculator_builder:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Stylemix (c2170171-f70b-5bf4-89aa-da5048b14251) |
|---|---|
| Product | Cost Calculator Builder (b0835b2d-2439-5f6b-b6d1-5cb50e04b136) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-9243 |
vulnerable | 2026-06-08 07:45:21.987112 |
Cost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status Functions
HIGH (8.1)
The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorizedmodification of data due to a missing capability check on the get_cc_orders and update_order_status functions in all versions up to, and including, 3.5.32. This makes it possible for authenticated attackers, with Subscriber-level access and above, to access order management functions and modify order status.
Published: 2025-10-04T02:24:36.330Z
Updated: 2026-04-08T17:14:22.077Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62049 |
vulnerable | 2026-06-08 07:37:28.582683 |
WordPress Cost Calculator Builder plugin <= 3.5.32 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder.This issue affects Cost Calculator Builder: from n/a through <= 3.5.32.
Published: 2025-11-06T15:55:44.281Z
Updated: 2026-04-28T16:14:00.166Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-48277 |
vulnerable | 2026-06-08 07:27:15.644094 |
WordPress Cost Calculator Builder plugin <= 3.2.74 - Cross Site Scripting (XSS) Vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder allows Stored XSS.This issue affects Cost Calculator Builder: from n/a through <= 3.2.74.
Published: 2025-05-19T14:45:26.444Z
Updated: 2026-04-28T16:12:55.322Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-39587 |
vulnerable | 2026-06-08 07:23:06.804374 |
WordPress Cost Calculator Builder plugin <= 3.2.65 - SQL Injection Vulnerability
CRITICAL (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder allows SQL Injection.This issue affects Cost Calculator Builder: from n/a through <= 3.2.65.
Published: 2025-04-17T15:46:44.464Z
Updated: 2026-04-28T16:12:35.219Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-31414 |
vulnerable | 2026-06-08 07:17:02.975990 |
WordPress Cost Calculator Builder plugin <= 3.2.65 - Cross Site Scripting (XSS) vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder allows Stored XSS.This issue affects Cost Calculator Builder: from n/a through <= 3.2.65.
Published: 2025-03-31T06:07:11.895Z
Updated: 2026-04-28T16:12:06.218Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2128 |
vulnerable | 2026-06-08 07:14:58.060772 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-14757 |
vulnerable | 2026-06-08 07:06:35.104027 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-14755 |
vulnerable | 2026-06-08 07:06:35.100929 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12529 |
vulnerable | 2026-06-08 07:04:30.376970 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6012 |
vulnerable | 2026-06-08 06:58:17.193969 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6011 |
vulnerable | 2026-06-08 06:58:17.192506 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-40011 |
vulnerable | 2026-06-08 06:09:41.019940 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.