Stylemix Cost Calculator Builder

11 CVEs affecting Stylemix Cost Calculator Builder. Latest disclosed: 2026-05-13. Critical: 1, High: 2.

Top CVEs affecting Stylemix Cost Calculator Builder
CVESeverityScorePublishedSummary
CVE-2025-39587Critical9.32025-04-17Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder…
CVE-2025-12529High8.82025-12-02The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteOrdersFiles() f…
CVE-2025-9243High8.12025-10-04The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorizedmodification of data due to a missing capability check on the get_cc_orders and u…
CVE-2025-62049Medium6.52025-11-06Missing Authorization vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder.This issue affects Cost Calculator Builder: from n/a through <=…
CVE-2025-2128Medium6.52025-04-11The Cost Calculator Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order_ids’ parameter in all versions up to, and including…
CVE-2025-31414Medium6.52025-03-31Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder…
CVE-2025-48277Medium5.92025-05-19Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder…
CVE-2025-14755Medium5.32026-05-13The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Price Manipulation and Insecure Direct Object Reference (IDOR) in all version…
CVE-2025-14757Medium5.32026-01-16The Cost Calculator Builder plugin for WordPress is vulnerable to Unauthenticated Payment Status Bypass in all versions up to, and including, 3.6.9 only when u…
CVE-2024-6011Medium4.42024-07-02The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textarea.description’ parameter in all versions up to, a…
CVE-2024-6012Medium4.32024-07-02The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'embed-create-page…