[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fawLeHtfIV5-ZScqgdePZzaHPO16DC6ne-BEgaB1TDxw":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":23,"download_link":24,"security_score":25,"vuln_count":14,"unpatched_count":26,"last_vuln_date":27,"fetched_at":28,"vulnerabilities":29,"developer":85,"crawl_stats":35,"alternatives":92,"analysis":180,"fingerprints":283},"estatik-mortgage-calculator","Estatik Mortgage Calculator","2.0.12","Estatik","https:\u002F\u002Fprofiles.wordpress.org\u002Festatik\u002F","\u003Cp>Estatik Mortgage Calculator will allow your website visitors to estimate their mortgage payments. It is great-looking and informative, and absolutely free! Check out http:\u002F\u002Festatik.net\u002F for more information.\u003Cbr \u002F>\nVisit \u003Ca href=\"http:\u002F\u002Fdemo.estatik.net\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa> of Estatik calculator on one of default WordPress themes or \u003Ca href=\"http:\u002F\u002Ftrendy.estatik.net\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa> on Estatik custom theme.\u003C\u002Fp>\n\u003Cp>Main features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Estatik mortgage calculator looks good on any device from both sides: admin and front.\u003C\u002Fli>\n\u003Cli>You can use it as simple calculator with Purchase price, Down payment, Interest Rate or enable advanced options and switch on extra Home Insurance, Property taxes and PMI.\u003C\u002Fli>\n\u003Cli>Adapt calculator color according to your theme styles. Choose any color you need via plugin Settings.\u003C\u002Fli>\n\u003Cli>The calculator displays results in Popup window with graph or simple text and image. You can select one of options most appealing for you.\u003C\u002Fli>\n\u003Cli>Add calculator to your sidebars as widget or use shortcode to add it to any page.\u003C\u002Fli>\n\u003Cli>To make it more attractive we used jQuery and Google Charts in its code.\u003C\u002Fli>\n\u003Cli>If used with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Festatik\u002F\" rel=\"ugc\">Estatik plugin\u003C\u002Fa>, Purchase Price field in Calculator is synchronized with Listing price in Estatik if used together on the same page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Translated into:\u003Cbr \u002F>\n* Russian\u003Cbr \u002F>\n* Spanish\u003Cbr \u002F>\n* German\u003Cbr \u002F>\n* Italian\u003Cbr \u002F>\n* Dutch\u003C\u002Fp>\n\u003Cp>Visit official \u003Ca href=\"https:\u002F\u002Festatik.net\u002Fproduct\u002Festatik-mortgage-calculator\u002F\" rel=\"nofollow ugc\">Estatik Mortgage Calculator page\u003C\u002Fa> to get full information.\u003C\u002Fp>\n","Estatik Mortgage Calculator will allow your website visitors to estimate their mortgage payments. It is great-looking and informative!",1000,42591,92,5,"2024-12-30T07:57:00.000Z","6.7.5","5.4","",[20,4,21,22],"estatik","mortgage-calculator","wordpress-mortgage-calculator","http:\u002F\u002Festatik.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Festatik-mortgage-calculator.zip",29,4,"2025-05-16 00:00:00","2026-03-15T15:16:48.613Z",[30,44,52,67,77],{"id":31,"url_slug":32,"title":33,"description":34,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":27,"updated_date":41,"references":42,"days_to_patch":35},"CVE-2025-48136","mortgage-calculator-estatik-authenticated-contributor-local-file-inclusion","Mortgage Calculator Estatik \u003C= 2.0.12 - Authenticated (Contributor+) Local File Inclusion","The Mortgage Calculator Estatik plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.12. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.",null,"\u003C=2.0.12","high",8.8,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:H\u002FI:H\u002FA:H","Improper Control of Filename for Include\u002FRequire Statement in PHP Program ('PHP Remote File Inclusion')","2026-03-23 15:44:42",[43],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9711efe5-dd9b-4451-9bc4-22c8a5095cd8?source=api-prod",{"id":45,"url_slug":46,"title":47,"description":48,"plugin_slug":4,"theme_slug":35,"affected_versions":36,"patched_in_version":35,"severity":37,"cvss_score":38,"cvss_vector":39,"vuln_type":40,"published_date":49,"updated_date":41,"references":50,"days_to_patch":35},"CVE-2025-26907","estatik-mortgage-calculator-authenticated-contributor-local-file-inclusion","Estatik Mortgage Calculator \u003C= 2.0.12 - Authenticated (Contributor+) Local File Inclusion","The Estatik Mortgage Calculator plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.0.12. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.","2025-02-23 00:00:00",[51],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F9ac6817e-5794-4ecb-ab3c-58b09a4e52c0?source=api-prod",{"id":53,"url_slug":54,"title":55,"description":56,"plugin_slug":4,"theme_slug":35,"affected_versions":57,"patched_in_version":6,"severity":58,"cvss_score":59,"cvss_vector":60,"vuln_type":61,"published_date":62,"updated_date":63,"references":64,"days_to_patch":66},"CVE-2024-9354","estatik-mortgage-calculator-reflected-cross-site-scripting","Estatik Mortgage Calculator \u003C= 2.0.11 - Reflected Cross-Site Scripting","The Estatik Mortgage Calculator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'color' parameter in all versions up to, and including, 2.0.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","\u003C=2.0.11","medium",6.1,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:R\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2025-01-06 00:00:00","2025-01-07 06:40:58",[65],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F4b955a0f-d064-436f-8648-0e84fac752d2?source=api-prod",1,{"id":68,"url_slug":69,"title":70,"description":71,"plugin_slug":4,"theme_slug":35,"affected_versions":57,"patched_in_version":35,"severity":37,"cvss_score":72,"cvss_vector":73,"vuln_type":61,"published_date":74,"updated_date":41,"references":75,"days_to_patch":35},"CVE-2023-40601","mortgage-calculator-estatik-reflected-cross-site-scripting","Mortgage Calculator Estatik \u003C= 2.0.11 - Reflected Cross-Site Scripting","The Estatik Mortgage Calculator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 2.0.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",7.2,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","2023-08-17 00:00:00",[76],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Fcb73e92b-b807-4406-b378-cef6cff9eb82?source=api-prod",{"id":78,"url_slug":79,"title":80,"description":81,"plugin_slug":4,"theme_slug":35,"affected_versions":57,"patched_in_version":35,"severity":58,"cvss_score":59,"cvss_vector":60,"vuln_type":61,"published_date":82,"updated_date":41,"references":83,"days_to_patch":35},"CVE-2023-28490","wordpress-mortgage-calculator-estatik-reflected-cross-site-scripting","WordPress Mortgage Calculator Estatik \u003C= 2.0.11 - Reflected Cross-Site Scripting","The WordPress Mortgage Calculator Estatik plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via an unknown parameter in versions up to, and including, 2.0.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.","2023-03-16 00:00:00",[84],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F5ce9dd21-3c89-4ddd-9022-f1edf1224e2d?source=api-prod",{"slug":20,"display_name":7,"profile_url":8,"plugin_count":86,"total_installs":87,"avg_security_score":88,"avg_patch_time_days":89,"trust_score":90,"computed_at":91},2,11000,27,952,28,"2026-04-04T12:28:23.323Z",[93,115,129,148,161],{"slug":94,"name":95,"version":96,"author":97,"author_profile":98,"description":99,"short_description":100,"active_installs":101,"downloaded":102,"rating":103,"num_ratings":104,"last_updated":105,"tested_up_to":16,"requires_at_least":106,"requires_php":18,"tags":107,"homepage":112,"download_link":113,"security_score":13,"vuln_count":114,"unpatched_count":114,"last_vuln_date":35,"fetched_at":28},"responsive-mortgage-calculator","Responsive Mortgage Calculator","2.6.0","Mortgage Calculator","https:\u002F\u002Fprofiles.wordpress.org\u002Fmlcalc\u002F","\u003Cp>The Responsive Mortgage Calculator is a jQuery widget and shortcode that’s designed to fit easily into any theme, on any device, at any size. Just what every “Real Estate Agent on the go” needs. This plugin is, optionally, relying on \u003Ca href=\"https:\u002F\u002Fwww.mlcalc.com\u002Fmortgage-calculator\u002F\" title=\"Mortgage Calculator\" rel=\"nofollow ugc\">www.mlcalc.com\u002Fmortgage-calculator\u002F\u003C\u002Fa> service to show mortgage amortization and chart.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>The mortgage calculator allows your website visitors to estimate their mortgage payments by entering:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>the total cost of the home,\u003C\u002Fli>\n\u003Cli>a down payment amount,\u003C\u002Fli>\n\u003Cli>an interest rate (fixed rate),\u003C\u002Fli>\n\u003Cli>the amortization period (mortgage term),\u003C\u002Fli>\n\u003Cli>and they can select a payment period, either monthly, bi-weekly, or weekly,\u003C\u002Fli>\n\u003Cli>nice popup summary with chart and amortization schedule.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The mortgage payment result is displayed below the form – very simply and very easy to follow. For the savvy user, a click on the information icon reveals more mortgage details…\u003C\u002Fp>\n\u003Ch4>Redesign It\u003C\u002Fh4>\n\u003Cp>There are settings to adjust the styling, a light and a dark theme, or you can remove the styling entirely and use your theme’s styling. The HTML is built with plenty of classes, so it’s easy to override the included stylesheet with your own CSS.\u003C\u002Fp>\n\u003Ch4>Plenty of Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set the interest rate compounding period for your region.\u003C\u002Fli>\n\u003Cli>Format currencies how you want with your own symbol, ISO code and number format.\u003C\u002Fli>\n\u003Cli>Hide the down payment field.\u003C\u002Fli>\n\u003Cli>Set a default interest rate.\u003C\u002Fli>\n\u003Cli>Accept amortization period in months or years.\u003C\u002Fli>\n\u003Cli>Set a fixed payment period.\u003C\u002Fli>\n\u003Cli>Set available mortgage payment period options.\u003C\u002Fli>\n\u003Cli>Rename the input labels.\u003C\u002Fli>\n\u003Cli>Add your own CSS classes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode Attributes\u003C\u002Fh4>\n\u003Cp>Use the shortcode on different pages with different field names by using shortcode attributes. They’re pretty obvious, but here’s an example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[mortgagecalculator totalamount=\"Mortgage Amount\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or use the first letter of the original labels:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[rmc ta=\"Mortgage Amount\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Set input values using attributes for total amount, down payment, interest rate, and mortgage term the long way:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[mortgagecalculator total_amount_value=\"$250,000\" down_payment_value=\"$50,000\" interest_rate_value=\"3.49%\" amortization_period_value=\"15 years\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or using the short versions:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[rmc tav=\"$250,000\" dpv=\"$50,000\" irv=\"3.49%\" apv=\"15 years\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>The Responsive Mortgage Calculator is for demonstration purposes only and may not reflect actual numbers for your mortgage.\u003C\u002Fp>\n","A simple responsive mortgage calculator widget and shortcode.",7000,183871,88,21,"2024-11-11T04:02:00.000Z","3.0.1",[108,109,110,111,21],"home-loan","loan","loan-calculator","mortgage","https:\u002F\u002Fwww.calculator.io\u002Fmortgage-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fresponsive-mortgage-calculator.2.6.0.zip",0,{"slug":21,"name":97,"version":116,"author":97,"author_profile":117,"description":118,"short_description":119,"active_installs":120,"downloaded":121,"rating":122,"num_ratings":123,"last_updated":105,"tested_up_to":16,"requires_at_least":124,"requires_php":18,"tags":125,"homepage":112,"download_link":128,"security_score":13,"vuln_count":114,"unpatched_count":114,"last_vuln_date":35,"fetched_at":28},"1.3.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fmcitar\u002F","\u003Cp>This plugin provides a very simple and easy to use mortgage calculator widget.\u003C\u002Fp>\n\u003Cp>I tried to provide a bloat-free mortgage plugin that serves the purpose in a quality way.\u003C\u002Fp>\n\u003Cp>This mortgage plugin is also translation ready and you can translate it to your language using pot file provided in languages directory.\u003C\u002Fp>\n","It provides an easy to use mortgage calculator widget.",4000,172617,100,8,"4.6",[109,111,21,126,127],"real-estate","realtor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmortgage-calculator.1.3.0.zip",{"slug":130,"name":131,"version":132,"author":133,"author_profile":134,"description":135,"short_description":136,"active_installs":137,"downloaded":138,"rating":139,"num_ratings":140,"last_updated":141,"tested_up_to":16,"requires_at_least":124,"requires_php":18,"tags":142,"homepage":144,"download_link":145,"security_score":146,"vuln_count":86,"unpatched_count":114,"last_vuln_date":147,"fetched_at":28},"mortgage-calculators-wp","Mortgage Calculators WP","1.60","8blocks","https:\u002F\u002Fprofiles.wordpress.org\u002F8blocks\u002F","\u003Cp>Mortgage Calculators WP is a very easy-to-use wordpress plugin built with the purpose of providing mortgage and other finance professionals with a mortgage calculator that not only delivers accurate home loan estimates, but also the ability for the users to instantly receive a free copy of those estimates via email while also providing the website owner with an email lead everytime a user requests a copy of their estimated values.\u003C\u002Fp>\n\u003Cp>You can view a live demo of our mortgage calculators as seen on our \u003Ca href=\"https:\u002F\u002Flenderd.com\u002Floan-officer-websites\u002F\" rel=\"nofollow ugc\">loan officer website themes\u003C\u002Fa>. Simply preview any of the sites provided and scroll down to view the calculator as it would appear on your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmortgagecalculatorsplugin.com\u002F\" rel=\"nofollow ugc\">4 Additional Calculators & Support Available Here\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Mortgage Calculators WP provides users with a simple, elegant and responsive solution for users to calculate mortgage values.",3000,29625,94,10,"2024-10-16T23:30:00.000Z",[110,111,143,21,126],"mortgage-calc","https:\u002F\u002Fmortgagecalculatorsplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmortgage-calculators-wp.zip",91,"2024-04-16 00:00:00",{"slug":149,"name":150,"version":151,"author":97,"author_profile":152,"description":153,"short_description":154,"active_installs":11,"downloaded":155,"rating":122,"num_ratings":26,"last_updated":156,"tested_up_to":157,"requires_at_least":158,"requires_php":18,"tags":159,"homepage":112,"download_link":160,"security_score":13,"vuln_count":114,"unpatched_count":114,"last_vuln_date":35,"fetched_at":28},"ct-mortgage-calculator","Simple Mortgage Calculator","1.4.0","https:\u002F\u002Fprofiles.wordpress.org\u002Frmcalculator\u002F","\u003Cp>A straightforward and simple responsive mortgage calculator with a clean flat design, featuring Home Price, Interest Rate, Mortgage Term (years) & Down Payment. You can also use a shortcode \u003Ccode>mortgage_calc\u003C\u002Fcode>.\u003C\u002Fp>\n","A straightforward and simple responsive mortgage calculator with a clean flat design.",50563,"2024-07-31T13:24:00.000Z","6.5.8","3.3",[108,109,110,111,21],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fct-mortgage-calculator.1.4.0.zip",{"slug":162,"name":163,"version":164,"author":165,"author_profile":166,"description":167,"short_description":168,"active_installs":169,"downloaded":170,"rating":114,"num_ratings":114,"last_updated":171,"tested_up_to":16,"requires_at_least":172,"requires_php":18,"tags":173,"homepage":177,"download_link":178,"security_score":146,"vuln_count":66,"unpatched_count":114,"last_vuln_date":179,"fetched_at":28},"property-hive-mortgage-calculator","Property Hive Mortgage Calculator","1.0.7","Property Hive","https:\u002F\u002Fprofiles.wordpress.org\u002Fpropertyhive\u002F","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily add a mortgage calculator to your website by simply adding the shortcode [mortgage_calculator] where you want it to appear.\u003C\u002Fp>\n\u003Cp>Users simply enter the purchase price, deposit amount, interest rate and repayment period, then the repayment information is calculated instantly.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.wp-property-hive.com\u002Fcategory\u002F533-mortgage-calculator\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily add a mortgage calculator to your website",800,9357,"2024-12-04T09:32:00.000Z","3.8",[111,21,174,175,176],"property-hive","propertyhive","repayments","https:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Fmortgage-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-mortgage-calculator.1.0.7.zip","2024-12-09 19:52:15",{"attackSurface":181,"codeSignals":240,"taintFlows":267,"riskAssessment":268,"analyzedAt":282},{"hooks":182,"ajaxHandlers":229,"restRoutes":230,"shortcodes":231,"cronEvents":239,"entryPointCount":86,"unprotectedCount":114},[183,189,193,198,203,207,211,215,219,222,225],{"type":184,"name":185,"callback":186,"file":187,"line":188},"action","plugins_loaded","emc_load_text_domain","estatik-calculator.php",41,{"type":184,"name":190,"callback":191,"file":187,"line":192},"admin_menu","emc_admin_options_menu",58,{"type":194,"name":195,"callback":196,"priority":140,"file":187,"line":197},"filter","plugin_action_links","emc_plugin_action_links",75,{"type":184,"name":199,"callback":200,"priority":140,"file":201,"line":202},"emc-mortgage-calculator_page_access_block","page_access_block","includes\\admin\\class-mortgage-calculator-widget.php",18,{"type":184,"name":204,"callback":205,"file":201,"line":206},"admin_enqueue_scripts","enqueue_scripts",20,{"type":184,"name":208,"callback":209,"priority":210,"file":201,"line":104},"admin_footer-widgets.php","print_scripts",9999,{"type":184,"name":212,"callback":213,"file":201,"line":214},"widgets_init","emc_register_widget",311,{"type":184,"name":204,"callback":216,"file":217,"line":218},"emc_admin_assets","includes\\functions.php",22,{"type":184,"name":220,"callback":220,"priority":140,"file":217,"line":221},"emc_display_calculator_field",488,{"type":184,"name":223,"callback":223,"file":217,"line":224},"emc_display_calculator_button",498,{"type":184,"name":226,"callback":227,"file":217,"line":228},"init","emc_save_options",519,[],[],[232,236],{"tag":233,"callback":234,"file":187,"line":235},"es_mortgage_calculator","emc_get_calculator_markup",77,{"tag":237,"callback":234,"file":187,"line":238},"mortgage_calculator",78,[],{"dangerousFunctions":241,"sqlUsage":242,"outputEscaping":244,"fileOperations":114,"externalRequests":114,"nonceChecks":66,"capabilityChecks":114,"bundledLibraries":266},[],{"prepared":114,"raw":114,"locations":243},[],{"escaped":245,"rawEcho":246,"locations":247},213,9,[248,250,252,254,256,258,260,262,264],{"file":201,"line":122,"context":249},"raw output",{"file":201,"line":251,"context":249},104,{"file":201,"line":253,"context":249},108,{"file":201,"line":255,"context":249},111,{"file":201,"line":257,"context":249},160,{"file":259,"line":26,"context":249},"includes\\admin\\templates\\options.php",{"file":259,"line":261,"context":249},39,{"file":217,"line":263,"context":249},472,{"file":217,"line":265,"context":249},496,[],[],{"summary":269,"deductions":270},"The 'estatik-mortgage-calculator' plugin v2.0.12 exhibits a mixed security posture.  While the static analysis reveals a good adherence to secure coding practices, such as the absence of dangerous functions, file operations, and external HTTP requests, and a high percentage of properly escaped output and prepared SQL statements, significant concerns arise from its vulnerability history.  The plugin has a history of 5 known CVEs, with a concerning 4 of them remaining unpatched, including 3 high-severity vulnerabilities.  The common vulnerability types, 'PHP Remote File Inclusion' and 'Cross-site Scripting', are particularly serious and can lead to significant compromise.  The lack of capability checks on entry points and only one nonce check, despite having two shortcodes as entry points, is a potential weakness.  The static analysis, while clean in terms of taint flows and direct vulnerabilities, does not mitigate the risks posed by past unpatched vulnerabilities, suggesting potential for undiscovered issues or a lack of effective patching by the developer.",[271,273,276,278,280],{"reason":272,"points":206},"Unpatched High Severity CVEs (3)",{"reason":274,"points":275},"Unpatched Medium Severity CVEs (1)",15,{"reason":277,"points":140},"Vulnerability History (5 total CVEs)",{"reason":279,"points":140},"Lack of Capability Checks",{"reason":281,"points":14},"Insufficient Nonce Checks (1 total)","2026-03-16T18:48:50.036Z",{"wat":284,"direct":293},{"assetPaths":285,"generatorPatterns":288,"scriptPaths":289,"versionParams":290},[286,287],"\u002Fwp-content\u002Fplugins\u002Festatik-mortgage-calculator\u002Fjs\u002Fcalculator.js","\u002Fwp-content\u002Fplugins\u002Festatik-mortgage-calculator\u002Fcss\u002Fcalculator.css",[],[286],[291,292],"estatik-mortgage-calculator\u002Fjs\u002Fcalculator.js?ver=","estatik-mortgage-calculator\u002Fcss\u002Fcalculator.css?ver=",{"cssClasses":294,"htmlComments":298,"htmlAttributes":299,"restEndpoints":303,"jsGlobals":304,"shortcodeOutput":306},[295,296,297],"emc-calculator-widget-form","emc-calculator-form","emc-calculator-result",[],[300,301,302],"data-currency-symbol","data-digits-color","data-color",[],[305],"emc_calculator",[307,308],"[es_mortgage_calculator]","[mortgage_calculator]"]