Vulnerabilities > CVE-2021-24820 - Unspecified vulnerability in Bold-Themes Cost Calculator

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

bold-themes

NVD

Published: 2022-02-28

Updated: 2024-11-21

Summary

The Cost Calculator WordPress plugin through 1.6 allows authenticated users (Contributor+ in versions < 1.5, and Admin+ in versions <= 1.6) to perform path traversal and local PHP file inclusion on Windows Web Servers via the Cost Calculator post's Layout

Vulnerable Configurations

Part	Description	Count
Application	Bold-Themes Bold Themes Cost Calculator *	1

References

https://wpscan.com/vulnerability/47652b24-a6f0-4bbc-834e-496b88523fe7
https://wpscan.com/vulnerability/47652b24-a6f0-4bbc-834e-496b88523fe7