Vulnerabilities > Mlcalc

DATE	CVE	VULNERABILITY TITLE	RISK
2025-02-18	CVE-2025-0805	Cross-site Scripting vulnerability in Mlcalc Mortgage Loan Calculator The Mortgage Calculator / Loan Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mlcalc' shortcode in all versions up to, and including, 1.5.20 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity mlcalc CWE-79	5.4
2022-01-03	CVE-2021-24828	Cross-site Scripting vulnerability in Mlcalc Mortgage Calculator/Loan Calculator The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5.17 does not escape the some of the attributes of its mlcalc shortcode before outputting them, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks network low complexity mlcalc CWE-79	5.4

Vulnerabilities > Mlcalc {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mlcalc"}]}