Cost Calculator Builder

Vulnerabilities 19Slug cost-calculator-builderLatest version 4.0.1WordPress.org →

Minimum safe version

3.6.10

Update to 3.6.10 or later to address 19 fixable vulnerabilities

Latest available4.0.1 ✓

Medium 5.3

2026-01-16< 3.6.10

CVE-2025-14757

CVE Wordfence

High 8.8

2025-12-02< 3.6.4

CVE-2025-12529

CVE Wordfence

Medium 6.5

2025-11-06< 3.5.33

CVE-2025-62049

CVE Wordfence

High 8.1

2025-10-03< 3.5.33

Cost Calculator Builder <= 3.5.32 - Authenticated (Subscriber+) Missing Authorization via get_cc_orders/update_order_status Functions

Wordfence CVE

N/A

2025-05-19< 3.5.0

CVE-2025-48277

CVE Wordfence

Critical 9.3

2025-04-17< 3.2.68

CVE-2025-39587

CVE EUVD Wordfence

Medium 6.5

2025-04-11< 3.2.68

Cost Calculator Builder <= 3.2.67 - Authenticated (Subscriber+) SQL Injection via order_ids Parameter

EUVD Wordfence CVE

Medium 6.5

2025-03-31< 3.2.66

CVE-2025-31414

CVE EUVD Wordfence

Medium 5.4

2024-12-18< 3.2.43

CVE-2024-10892

CVE Patchstack Wordfence

High 7.2

2024-09-30< 3.2.29

CVE-2024-8379

CVE Patchstack Wordfence

Medium 5.3

2024-09-07< 3.2.35

CVE-2024-6010

CVE

Critical 9.8

2024-08-29< 3.2.16

CVE-2024-43144

CVE Patchstack Wordfence

Medium 4.8

2024-07-02< 3.2.13

CVE-2024-6011

CVE Patchstack Wordfence

Medium 4.3

2024-07-02< 3.2.13

CVE-2024-6012

CVE Patchstack Wordfence

Medium 5.4

2024-12-13< 3.1.43

CVE-2023-40011

CVE Patchstack

N/A

2023-08-17< 3.1.43

Cost Calculator Builder <= 3.1.42 - Improper Authorization

Wordfence

N/A

2023-07-19< 2.3.3

WordPress Cost Calculator Builder Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Patchstack WPScan CVE

N/A

2022-02-28< 2.3.3

WordPress Cost Calculator Builder plugin < 2.3.3 - Sensitive Information Disclosure vulnerability

Patchstack

N/A

2022-02-28< 2.3.3

WordPress Cost Calculator Builder plugin < 2.3.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack