What the vulnerability does
01Description
Missing Authorization vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder.This issue affects Cost Calculator Builder: from n/a through <= 3.5.32.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Missing Authorization vulnerability in Stylemix Cost Calculator Builder cost-calculator-builder.This issue affects Cost Calculator Builder: from n/a through <= 3.5.32.
Explanation of Vulnerability in Simple Terms
Cost Calculator Builder versions 3.5.32 and earlier lack proper authorization checks, allowing unauthenticated attackers to modify or delete data through network requests. The vulnerability does not expose sensitive information but can disrupt site functionality and data integrity. Site administrators should update to a version newer than 3.5.32 as soon as a patch is available.
What an attacker can do
Modify or delete site data without authentication.
Potential impact on your site
Attackers can alter or remove calculator configurations and stored data without logging in.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources