[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f0YrinBFbtJ8HNGxHkn--W07C5KLl7NfjGCz0b1IbHKA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":17,"tags":18,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":13,"last_vuln_date":28,"fetched_at":29,"vulnerabilities":30,"developer":45,"crawl_stats":36,"alternatives":52,"analysis":139,"fingerprints":178},"property-hive-mortgage-calculator","Property Hive Mortgage Calculator","1.0.7","Property Hive","https:\u002F\u002Fprofiles.wordpress.org\u002Fpropertyhive\u002F","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily add a mortgage calculator to your website by simply adding the shortcode [mortgage_calculator] where you want it to appear.\u003C\u002Fp>\n\u003Cp>Users simply enter the purchase price, deposit amount, interest rate and repayment period, then the repayment information is calculated instantly.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.wp-property-hive.com\u002Fcategory\u002F533-mortgage-calculator\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily add a mortgage calculator to your website",800,9357,0,"2024-12-04T09:32:00.000Z","6.7.5","3.8","",[19,20,21,22,23],"mortgage","mortgage-calculator","property-hive","propertyhive","repayments","https:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Fmortgage-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-mortgage-calculator.1.0.7.zip",91,1,"2024-12-09 19:52:15","2026-03-15T15:16:48.613Z",[31],{"id":32,"url_slug":33,"title":34,"description":35,"plugin_slug":4,"theme_slug":36,"affected_versions":37,"patched_in_version":6,"severity":38,"cvss_score":39,"cvss_vector":40,"vuln_type":41,"published_date":28,"updated_date":42,"references":43,"days_to_patch":27},"CVE-2024-11940","property-hive-mortgage-calculator-authenticated-contributor-stored-cross-site-scripting-via-price-parameter","Property Hive Mortgage Calculator \u003C= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via price Parameter","The Property Hive Mortgage Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘price’ parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.0.6","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-12-10 08:23:41",[44],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F0f01f69e-0ff8-4771-9bf5-53ef78438cc2?source=api-prod",{"slug":22,"display_name":7,"profile_url":8,"plugin_count":46,"total_installs":47,"avg_security_score":48,"avg_patch_time_days":49,"trust_score":50,"computed_at":51},8,6620,92,218,73,"2026-04-04T11:28:23.403Z",[53,73,86,105,120],{"slug":54,"name":55,"version":56,"author":57,"author_profile":58,"description":59,"short_description":60,"active_installs":61,"downloaded":62,"rating":63,"num_ratings":64,"last_updated":65,"tested_up_to":15,"requires_at_least":66,"requires_php":17,"tags":67,"homepage":71,"download_link":72,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"responsive-mortgage-calculator","Responsive Mortgage Calculator","2.6.0","Mortgage Calculator","https:\u002F\u002Fprofiles.wordpress.org\u002Fmlcalc\u002F","\u003Cp>The Responsive Mortgage Calculator is a jQuery widget and shortcode that’s designed to fit easily into any theme, on any device, at any size. Just what every “Real Estate Agent on the go” needs. This plugin is, optionally, relying on \u003Ca href=\"https:\u002F\u002Fwww.mlcalc.com\u002Fmortgage-calculator\u002F\" title=\"Mortgage Calculator\" rel=\"nofollow ugc\">www.mlcalc.com\u002Fmortgage-calculator\u002F\u003C\u002Fa> service to show mortgage amortization and chart.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>The mortgage calculator allows your website visitors to estimate their mortgage payments by entering:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>the total cost of the home,\u003C\u002Fli>\n\u003Cli>a down payment amount,\u003C\u002Fli>\n\u003Cli>an interest rate (fixed rate),\u003C\u002Fli>\n\u003Cli>the amortization period (mortgage term),\u003C\u002Fli>\n\u003Cli>and they can select a payment period, either monthly, bi-weekly, or weekly,\u003C\u002Fli>\n\u003Cli>nice popup summary with chart and amortization schedule.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The mortgage payment result is displayed below the form – very simply and very easy to follow. For the savvy user, a click on the information icon reveals more mortgage details…\u003C\u002Fp>\n\u003Ch4>Redesign It\u003C\u002Fh4>\n\u003Cp>There are settings to adjust the styling, a light and a dark theme, or you can remove the styling entirely and use your theme’s styling. The HTML is built with plenty of classes, so it’s easy to override the included stylesheet with your own CSS.\u003C\u002Fp>\n\u003Ch4>Plenty of Options\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Set the interest rate compounding period for your region.\u003C\u002Fli>\n\u003Cli>Format currencies how you want with your own symbol, ISO code and number format.\u003C\u002Fli>\n\u003Cli>Hide the down payment field.\u003C\u002Fli>\n\u003Cli>Set a default interest rate.\u003C\u002Fli>\n\u003Cli>Accept amortization period in months or years.\u003C\u002Fli>\n\u003Cli>Set a fixed payment period.\u003C\u002Fli>\n\u003Cli>Set available mortgage payment period options.\u003C\u002Fli>\n\u003Cli>Rename the input labels.\u003C\u002Fli>\n\u003Cli>Add your own CSS classes.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Shortcode Attributes\u003C\u002Fh4>\n\u003Cp>Use the shortcode on different pages with different field names by using shortcode attributes. They’re pretty obvious, but here’s an example:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[mortgagecalculator totalamount=\"Mortgage Amount\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or use the first letter of the original labels:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[rmc ta=\"Mortgage Amount\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>Set input values using attributes for total amount, down payment, interest rate, and mortgage term the long way:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[mortgagecalculator total_amount_value=\"$250,000\" down_payment_value=\"$50,000\" interest_rate_value=\"3.49%\" amortization_period_value=\"15 years\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Cp>or using the short versions:\u003C\u002Fp>\n\u003Cpre>\u003Ccode>[rmc tav=\"$250,000\" dpv=\"$50,000\" irv=\"3.49%\" apv=\"15 years\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Disclaimer\u003C\u002Fh4>\n\u003Cp>The Responsive Mortgage Calculator is for demonstration purposes only and may not reflect actual numbers for your mortgage.\u003C\u002Fp>\n","A simple responsive mortgage calculator widget and shortcode.",7000,183871,88,21,"2024-11-11T04:02:00.000Z","3.0.1",[68,69,70,19,20],"home-loan","loan","loan-calculator","https:\u002F\u002Fwww.calculator.io\u002Fmortgage-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fresponsive-mortgage-calculator.2.6.0.zip",{"slug":20,"name":57,"version":74,"author":57,"author_profile":75,"description":76,"short_description":77,"active_installs":78,"downloaded":79,"rating":80,"num_ratings":46,"last_updated":65,"tested_up_to":15,"requires_at_least":81,"requires_php":17,"tags":82,"homepage":71,"download_link":85,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"1.3.0","https:\u002F\u002Fprofiles.wordpress.org\u002Fmcitar\u002F","\u003Cp>This plugin provides a very simple and easy to use mortgage calculator widget.\u003C\u002Fp>\n\u003Cp>I tried to provide a bloat-free mortgage plugin that serves the purpose in a quality way.\u003C\u002Fp>\n\u003Cp>This mortgage plugin is also translation ready and you can translate it to your language using pot file provided in languages directory.\u003C\u002Fp>\n","It provides an easy to use mortgage calculator widget.",4000,172617,100,"4.6",[69,19,20,83,84],"real-estate","realtor","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmortgage-calculator.1.3.0.zip",{"slug":87,"name":88,"version":89,"author":90,"author_profile":91,"description":92,"short_description":93,"active_installs":94,"downloaded":95,"rating":96,"num_ratings":97,"last_updated":98,"tested_up_to":15,"requires_at_least":81,"requires_php":17,"tags":99,"homepage":101,"download_link":102,"security_score":26,"vuln_count":103,"unpatched_count":13,"last_vuln_date":104,"fetched_at":29},"mortgage-calculators-wp","Mortgage Calculators WP","1.60","8blocks","https:\u002F\u002Fprofiles.wordpress.org\u002F8blocks\u002F","\u003Cp>Mortgage Calculators WP is a very easy-to-use wordpress plugin built with the purpose of providing mortgage and other finance professionals with a mortgage calculator that not only delivers accurate home loan estimates, but also the ability for the users to instantly receive a free copy of those estimates via email while also providing the website owner with an email lead everytime a user requests a copy of their estimated values.\u003C\u002Fp>\n\u003Cp>You can view a live demo of our mortgage calculators as seen on our \u003Ca href=\"https:\u002F\u002Flenderd.com\u002Floan-officer-websites\u002F\" rel=\"nofollow ugc\">loan officer website themes\u003C\u002Fa>. Simply preview any of the sites provided and scroll down to view the calculator as it would appear on your website.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmortgagecalculatorsplugin.com\u002F\" rel=\"nofollow ugc\">4 Additional Calculators & Support Available Here\u003C\u002Fa>\u003C\u002Fstrong>\u003C\u002Fp>\n","Mortgage Calculators WP provides users with a simple, elegant and responsive solution for users to calculate mortgage values.",3000,29625,94,10,"2024-10-16T23:30:00.000Z",[70,19,100,20,83],"mortgage-calc","https:\u002F\u002Fmortgagecalculatorsplugin.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fmortgage-calculators-wp.zip",2,"2024-04-16 00:00:00",{"slug":106,"name":107,"version":108,"author":57,"author_profile":109,"description":110,"short_description":111,"active_installs":112,"downloaded":113,"rating":80,"num_ratings":114,"last_updated":115,"tested_up_to":116,"requires_at_least":117,"requires_php":17,"tags":118,"homepage":71,"download_link":119,"security_score":48,"vuln_count":13,"unpatched_count":13,"last_vuln_date":36,"fetched_at":29},"ct-mortgage-calculator","Simple Mortgage Calculator","1.4.0","https:\u002F\u002Fprofiles.wordpress.org\u002Frmcalculator\u002F","\u003Cp>A straightforward and simple responsive mortgage calculator with a clean flat design, featuring Home Price, Interest Rate, Mortgage Term (years) & Down Payment. You can also use a shortcode \u003Ccode>mortgage_calc\u003C\u002Fcode>.\u003C\u002Fp>\n","A straightforward and simple responsive mortgage calculator with a clean flat design.",1000,50563,4,"2024-07-31T13:24:00.000Z","6.5.8","3.3",[68,69,70,19,20],"https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fct-mortgage-calculator.1.4.0.zip",{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":112,"downloaded":128,"rating":48,"num_ratings":129,"last_updated":130,"tested_up_to":15,"requires_at_least":131,"requires_php":17,"tags":132,"homepage":135,"download_link":136,"security_score":137,"vuln_count":129,"unpatched_count":114,"last_vuln_date":138,"fetched_at":29},"estatik-mortgage-calculator","Estatik Mortgage Calculator","2.0.12","Estatik","https:\u002F\u002Fprofiles.wordpress.org\u002Festatik\u002F","\u003Cp>Estatik Mortgage Calculator will allow your website visitors to estimate their mortgage payments. It is great-looking and informative, and absolutely free! Check out http:\u002F\u002Festatik.net\u002F for more information.\u003Cbr \u002F>\nVisit \u003Ca href=\"http:\u002F\u002Fdemo.estatik.net\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa> of Estatik calculator on one of default WordPress themes or \u003Ca href=\"http:\u002F\u002Ftrendy.estatik.net\u002F\" rel=\"nofollow ugc\">demo\u003C\u002Fa> on Estatik custom theme.\u003C\u002Fp>\n\u003Cp>Main features:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Estatik mortgage calculator looks good on any device from both sides: admin and front.\u003C\u002Fli>\n\u003Cli>You can use it as simple calculator with Purchase price, Down payment, Interest Rate or enable advanced options and switch on extra Home Insurance, Property taxes and PMI.\u003C\u002Fli>\n\u003Cli>Adapt calculator color according to your theme styles. Choose any color you need via plugin Settings.\u003C\u002Fli>\n\u003Cli>The calculator displays results in Popup window with graph or simple text and image. You can select one of options most appealing for you.\u003C\u002Fli>\n\u003Cli>Add calculator to your sidebars as widget or use shortcode to add it to any page.\u003C\u002Fli>\n\u003Cli>To make it more attractive we used jQuery and Google Charts in its code.\u003C\u002Fli>\n\u003Cli>If used with \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Festatik\u002F\" rel=\"ugc\">Estatik plugin\u003C\u002Fa>, Purchase Price field in Calculator is synchronized with Listing price in Estatik if used together on the same page.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Translated into:\u003Cbr \u002F>\n* Russian\u003Cbr \u002F>\n* Spanish\u003Cbr \u002F>\n* German\u003Cbr \u002F>\n* Italian\u003Cbr \u002F>\n* Dutch\u003C\u002Fp>\n\u003Cp>Visit official \u003Ca href=\"https:\u002F\u002Festatik.net\u002Fproduct\u002Festatik-mortgage-calculator\u002F\" rel=\"nofollow ugc\">Estatik Mortgage Calculator page\u003C\u002Fa> to get full information.\u003C\u002Fp>\n","Estatik Mortgage Calculator will allow your website visitors to estimate their mortgage payments. It is great-looking and informative!",42591,5,"2024-12-30T07:57:00.000Z","5.4",[133,121,20,134],"estatik","wordpress-mortgage-calculator","http:\u002F\u002Festatik.net","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Festatik-mortgage-calculator.zip",29,"2025-05-16 00:00:00",{"attackSurface":140,"codeSignals":159,"taintFlows":167,"riskAssessment":168,"analyzedAt":177},{"hooks":141,"ajaxHandlers":151,"restRoutes":152,"shortcodes":153,"cronEvents":158,"entryPointCount":27,"unprotectedCount":13},[142,148],{"type":143,"name":144,"callback":145,"file":146,"line":147},"action","wp_enqueue_scripts","load_mortgage_calculator_scripts","propertyhive-mortgage-calculator.php",68,{"type":143,"name":144,"callback":149,"file":146,"line":150},"load_mortgage_calculator_styles",69,[],[],[154],{"tag":155,"callback":156,"file":146,"line":157},"mortgage_calculator","propertyhive_mortgage_calculator_shortcode",71,[],{"dangerousFunctions":160,"sqlUsage":161,"outputEscaping":163,"fileOperations":13,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":166},[],{"prepared":13,"raw":13,"locations":162},[],{"escaped":164,"rawEcho":13,"locations":165},23,[],[],[],{"summary":169,"deductions":170},"The security posture of the property-hive-mortgage-calculator plugin version 1.0.7 appears to be generally good based on the static analysis. The absence of dangerous functions, properly escaped output, and the use of prepared statements for all SQL queries are positive indicators. Furthermore, there are no identified taint flows or flows with unsanitized paths, suggesting the code does not exhibit common vulnerability patterns related to input handling.  The plugin also boasts a minimal attack surface with only one shortcode and no unprotected entry points identified during the static analysis.\n\nHowever, a notable concern arises from the vulnerability history, which indicates one known medium-severity CVE related to Cross-Site Scripting (XSS). While this vulnerability is listed as currently unpatched, its age (2024-12-09) might suggest it has been fixed in subsequent versions, though this is not explicitly confirmed by the provided data. The complete lack of nonce checks and capability checks across all identified entry points is a significant weakness. This means that even though the code itself appears to handle data safely, there are no built-in mechanisms to prevent unauthorized users from triggering these functions, potentially leading to unintended actions or the exploitation of other vulnerabilities if they were to be discovered in the future.\n\nIn conclusion, the plugin demonstrates strong adherence to secure coding practices concerning SQL and output handling. The static analysis reveals a clean codebase with a small attack surface. The primary weakness lies in the absence of authorization checks (nonces and capabilities) on its entry points, which leaves it susceptible to abuse if an attacker can bypass frontend restrictions. The past XSS vulnerability, while seemingly resolved, highlights the importance of ongoing security vigilance and prompt patching of any disclosed issues.",[171,173,175],{"reason":172,"points":97},"One medium severity CVE history",{"reason":174,"points":97},"0 Nonce checks on entry points",{"reason":176,"points":97},"0 Capability checks on entry points","2026-03-16T19:16:45.299Z",{"wat":179,"direct":188},{"assetPaths":180,"generatorPatterns":183,"scriptPaths":184,"versionParams":185},[181,182],"\u002Fwp-content\u002Fplugins\u002Fproperty-hive-mortgage-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-mortgage-calculator.js","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-mortgage-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-mortgage-calculator.css",[],[181],[186,187],"property-hive-mortgage-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-mortgage-calculator.js?ver=","property-hive-mortgage-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-mortgage-calculator.css?ver=",{"cssClasses":189,"htmlComments":190,"htmlAttributes":191,"restEndpoints":192,"jsGlobals":193,"shortcodeOutput":194},[],[],[],[],[],[]]