Actively Exploited in the Wild
This vulnerability is being actively exploited in the wild.
WP Cost Estimation Plugin Directory Traversal Vulnerability Allowing File Overwrite
Vulnerability
A directory traversal vulnerability allowing file uploads to unintended locations has been identified in the WP Cost Estimation plugin for WordPress, in versions prior to 9.660. The flaw lies in the 'uploadFormFiles' function, where user-supplied input can manipulate the upload path, potentially overwriting existing files of certain whitelisted types.
Impact
Exploitation of this vulnerability could lead to unauthorized overwriting of files on the affected WordPress site, with the potential to cause disruption or damage depending on which files are replaced.
Reproduction
The vulnerability can be reproduced by uploading a file through a form that does not have a 'randomSeed' value, which is the case for forms created before the plugin was patched. The uploaded file can be directed to overwrite existing files by exploiting the directory traversal flaw in the 'formSession' input.
Remediation
Users are advised to update the WP Cost Estimation plugin to version 9.660 or later.
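For site owners reviewing their own upload handlers, the following is an added example (not the WP Cost Estimation plugin's own code) of the path construction the Vulnerability and Reproduction sections describe, hardened so that a form session identifier cannot move the upload directory outside the intended base. The function name wpce_safe_upload_path and its parameters are assumptions for illustration.

```php
<?php
// Added example, not the plugin's own code: resolve a per-form upload
// directory from a session identifier without letting that identifier
// escape the base upload directory. Function and parameter names assumed.

/**
 * Returns the absolute upload directory for $formSession, or null when
 * the identifier is malformed or would resolve outside $baseDir.
 */
function wpce_safe_upload_path(string $baseDir, string $formSession): ?string
{
    // Layer 1: allow-list the identifier. A session token never
    // legitimately contains slashes, dots or null bytes, so reject any
    // such value outright rather than trying to strip "../" sequences.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $formSession)) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base upload directory must already exist
    }

    $target = $base . DIRECTORY_SEPARATOR . $formSession;
    if (!is_dir($target) && !mkdir($target, 0750, true)) {
        return null;
    }

    // Layer 2: containment check on the canonical path. The trailing
    // separator ensures "/uploads" does not match "/uploads_other".
    $real = realpath($target);
    if ($real === false
        || strpos($real . DIRECTORY_SEPARATOR, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $real;
}

// Constructed demonstration values (not taken from the advisory).
$uploads = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'wpce-demo-uploads';
@mkdir($uploads, 0750, true);

var_dump(wpce_safe_upload_path($uploads, 'a1b2c3d4'));       // well-formed token: accepted
var_dump(wpce_safe_upload_path($uploads, '../../wp-config')); // traversal: fails the allow-list
var_dump(wpce_safe_upload_path($uploads, "x\0y"));            // null byte: fails the allow-list
```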