Primary

Context

WordPress Project Cost Calculator Plugin Broken Access Control Vulnerability

Vulnerability

A broken access control vulnerability has been identified in the WordPress Project Cost Calculator plugin, affecting versions through 1.0.0. This vulnerability arises from missing authorization checks, allowing users to exploit improperly configured access control levels and perform actions reserved for higher privileges.

Impact

Exploitation of this vulnerability could allow users to bypass authorization and access control measures, potentially leading to unauthorized actions or changes within the application.

Remediation

Users are advised to update to a version of the Project Cost Calculator plugin later than 1.0.0, if available. If no update is possible, consider using the Patchstack vPatch service to automatically mitigate this vulnerability.

Added: Aug 14, 2025, 12:51 PM

Updated: Aug 14, 2025, 12:51 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

WordPress Project Cost Calculator Plugin Broken Access Control Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating