[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBkiu7INc4ajw9Mtax1nenNFjY48xcWW9aD0Vk5pQzIM":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":29,"last_vuln_date":30,"fetched_at":31,"vulnerabilities":32,"developer":48,"crawl_stats":38,"alternatives":55,"analysis":140,"fingerprints":221},"property-hive-stamp-duty-calculator","Property Hive Stamp Duty Calculator","1.0.28","Property Hive","https:\u002F\u002Fprofiles.wordpress.org\u002Fpropertyhive\u002F","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily add a stamp duty calculator to your website by simply adding a shortcode where you want it to appear.\u003C\u002Fp>\n\u003Cp>Contains stamp duty calculators for England, Scotland, Wales and Commercial.\u003C\u002Fp>\n\u003Cp>The supported shortcodes are as follows:\u003C\u002Fp>\n\u003Cp>[stamp_duty_calculator]\u003Cbr \u002F>\n[stamp_duty_calculator_scotland]\u003Cbr \u002F>\n[stamp_duty_calculator_wales]\u003Cbr \u002F>\n[stamp_duty_calculator_commercial]\u003C\u002Fp>\n\u003Cp>Users simply enter the purchase price then the stamp duty information is calculated instantly.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.wp-property-hive.com\u002Fcategory\u002F537-stamp-duty-calculator\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily add a stamp duty calculator to your website.",900,19886,76,5,"2026-02-11T13:18:00.000Z","6.9.4","3.8","",[20,21,22,23,24],"property-hive","propertyhive","stamp-duty","stamp-duty-calculator","stampduty","https:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Fstamp-duty-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-stamp-duty-calculator.1.0.28.zip",99,1,0,"2024-12-12 00:00:00","2026-03-15T15:16:48.613Z",[33],{"id":34,"url_slug":35,"title":36,"description":37,"plugin_slug":4,"theme_slug":38,"affected_versions":39,"patched_in_version":40,"severity":41,"cvss_score":42,"cvss_vector":43,"vuln_type":44,"published_date":30,"updated_date":45,"references":46,"days_to_patch":28},"CVE-2024-12465","property-hive-stamp-duty-calculator-authenticated-contributor-stored-cross-site-scripting","Property Hive Stamp Duty Calculator \u003C= 1.0.22 - Authenticated (Contributor+) Stored Cross-Site Scripting","The Property Hive Stamp Duty Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stamp_duty_calculator_scotland' shortcode in all versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",null,"\u003C=1.0.22","1.0.23","medium",6.4,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:C\u002FC:L\u002FI:L\u002FA:N","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","2024-12-13 08:24:53",[47],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff4f52cb6-eccf-4213-ae44-4a3fa738723d?source=api-prod",{"slug":21,"display_name":7,"profile_url":8,"plugin_count":49,"total_installs":50,"avg_security_score":51,"avg_patch_time_days":52,"trust_score":53,"computed_at":54},8,6620,92,218,73,"2026-04-04T15:00:31.521Z",[56,74,90,105,120],{"slug":57,"name":58,"version":59,"author":7,"author_profile":8,"description":60,"short_description":61,"active_installs":62,"downloaded":63,"rating":29,"num_ratings":29,"last_updated":64,"tested_up_to":65,"requires_at_least":17,"requires_php":18,"tags":66,"homepage":70,"download_link":71,"security_score":72,"vuln_count":28,"unpatched_count":29,"last_vuln_date":73,"fetched_at":31},"property-hive-mortgage-calculator","Property Hive Mortgage Calculator","1.0.7","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily add a mortgage calculator to your website by simply adding the shortcode [mortgage_calculator] where you want it to appear.\u003C\u002Fp>\n\u003Cp>Users simply enter the purchase price, deposit amount, interest rate and repayment period, then the repayment information is calculated instantly.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.wp-property-hive.com\u002Fcategory\u002F533-mortgage-calculator\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily add a mortgage calculator to your website",800,9357,"2024-12-04T09:32:00.000Z","6.7.5",[67,68,20,21,69],"mortgage","mortgage-calculator","repayments","https:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Fmortgage-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-mortgage-calculator.1.0.7.zip",91,"2024-12-09 19:52:15",{"slug":75,"name":76,"version":77,"author":7,"author_profile":8,"description":78,"short_description":79,"active_installs":80,"downloaded":81,"rating":29,"num_ratings":29,"last_updated":82,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":83,"homepage":87,"download_link":88,"security_score":89,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"property-hive-rental-affordability-calculator","Property Hive Rental Affordability Calculator","1.0.3","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily add a rental affordability calculator to your website by simply adding the shortcode [rental_affordability_calculator] where you want it to appear.\u003C\u002Fp>\n\u003Cp>Users simply enter the rent or annual income and the affordable rent and\u002For required salaries of both of both tenant and guarantor is calculated.\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily add a rental affordability calculator to your website.",400,3620,"2026-02-23T12:10:00.000Z",[84,85,20,21,86],"estate-agents","property","real-estate","https:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Frental-affordability-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-rental-affordability-calculator.1.0.3.zip",100,{"slug":91,"name":92,"version":93,"author":7,"author_profile":8,"description":94,"short_description":95,"active_installs":80,"downloaded":96,"rating":29,"num_ratings":29,"last_updated":97,"tested_up_to":98,"requires_at_least":17,"requires_php":18,"tags":99,"homepage":103,"download_link":104,"security_score":51,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"property-hive-rental-yield-calculator","Property Hive Rental Yield Calculator","1.0.4","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily add a rental yield calculator to your website by adding the shortcode [rental_yield_calculator] where you want it to appear.\u003C\u002Fp>\n\u003Cp>Users simply enter the purchase price and monthly rent then the rental yield is calculated instantly.\u003C\u002Fp>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fdocs.wp-property-hive.com\u002Fcategory\u002F552-rental-yield-calculator\" rel=\"nofollow ugc\">Documentation\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily add a rental yield calculator to your website",5857,"2024-05-22T13:45:00.000Z","6.5.8",[20,21,100,101,102],"rental-yield","rental-yield-calculator","rentalyield","https:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Frental-yield-calculator\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-rental-yield-calculator.1.0.4.zip",{"slug":106,"name":107,"version":108,"author":7,"author_profile":8,"description":109,"short_description":110,"active_installs":111,"downloaded":112,"rating":29,"num_ratings":29,"last_updated":113,"tested_up_to":114,"requires_at_least":17,"requires_php":18,"tags":115,"homepage":117,"download_link":118,"security_score":119,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":31},"property-hive-allagents-review-embed","Property Hive AllAgents Review Embed","1.0.2","\u003Cp>This plugin, from the creators of \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fpropertyhive\u002F\" rel=\"ugc\">Property Hive\u003C\u002Fa>, allows you to quickly and easily display ratings and reviews from AllAgents on your website by simply adding the shortcode [allagents] where you want them to appear.\u003C\u002Fp>\n\u003Cp>Use pre-built widgets provided by AllAgents or we can integrate with their API whereby you can choose and customise the layout, including option to change colours and display the reviews as a list or in a carousel.\u003C\u002Fp>\n\u003Cp>Note: This plugin is independent of Property Hive. You DO NOT need to be using Property Hive to download and use this plugin.\u003C\u002Fp>\n","Quickly and easily display ratings and reviews from AllAgents, plus customisation options",90,1845,"2020-12-03T10:11:00.000Z","5.5.18",[85,20,21,86,116],"software","http:\u002F\u002Fwp-property-hive.com\u002Faddons\u002Fallagents\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-hive-allagents-review-embed.1.0.2.zip",85,{"slug":121,"name":122,"version":123,"author":124,"author_profile":125,"description":126,"short_description":127,"active_installs":128,"downloaded":129,"rating":29,"num_ratings":29,"last_updated":18,"tested_up_to":130,"requires_at_least":131,"requires_php":132,"tags":133,"homepage":137,"download_link":138,"security_score":89,"vuln_count":29,"unpatched_count":29,"last_vuln_date":38,"fetched_at":139},"property-carousel-for-propertyhive","Property Carousel for Property Hive","1.0.0","markheydon","https:\u002F\u002Fprofiles.wordpress.org\u002Fmarkheydon\u002F","\u003Cp>This is an add-on to the popular Property Hive (Estate agency software for WordPress).  As such it needs the\u003Cbr \u002F>\nProperty Hive plugin as well to work.  The plugin has been written by a 3rd party with no affiliation to the authors\u003Cbr \u002F>\nof the Property Hive plugin.\u003C\u002Fp>\n\u003Cp>Full full details of the Property Hive plugin see one of the following links.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwp-property-hive.com\u002F\" rel=\"nofollow ugc\">Property Hive for WordPress Homepage\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fpropertyhive\u002FWP-Property-Hive\" rel=\"nofollow ugc\">Property Hive on GitHub\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin adds a basic carousel feature allowing you to put a shortcode on any page or post to showcase either\u003Cbr \u002F>\nall properties or featured (or not) properties.  Properties are displayed from a random selected of no more than 10.\u003C\u002Fp>\n\u003Ch4>Example Usage\u003C\u002Fh4>\n\u003Cpre>\u003Ccode>[property_carousel featured=\"yes\"]\n\n[property_carousel featured=\"yes\" department=\"residential-sales\"]\n\u003C\u002Fcode>\u003C\u002Fpre>\n\u003Ch4>Supported Shortcode Attributes\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>featured\u003C\u002Fstrong> – Featured (or not), or blank for all, i.e. “yes”, “no” or “”.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>department\u003C\u002Fstrong> – Department, one of “residential-sales”, “residential-lettings” or “commercial”.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>office_id\u003C\u002Fstrong> – Office ID.\u003C\u002Fp>\n","Property Hive extension to add a carousel feature.",40,1434,"4.9.29","4.7","5.6",[134,135,85,136,21],"carousel","estate-agent","property-carousel","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fproperty-carousel-for-propertyhive\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fproperty-carousel-for-propertyhive.1.0.0.zip","2026-03-15T10:48:56.248Z",{"attackSurface":141,"codeSignals":172,"taintFlows":208,"riskAssessment":209,"analyzedAt":220},{"hooks":142,"ajaxHandlers":152,"restRoutes":153,"shortcodes":154,"cronEvents":170,"entryPointCount":171,"unprotectedCount":29},[143,149],{"type":144,"name":145,"callback":146,"file":147,"line":148},"action","wp_enqueue_scripts","load_stamp_duty_calculator_scripts","propertyhive-stamp-duty-calculator.php",68,{"type":144,"name":145,"callback":150,"file":147,"line":151},"load_stamp_duty_calculator_styles",69,[],[],[155,159,162,166],{"tag":156,"callback":157,"file":147,"line":158},"stamp_duty_calculator","propertyhive_stamp_duty_calculator_shortcode",71,{"tag":160,"callback":161,"file":147,"line":53},"stamp_duty_calculator_scotland","propertyhive_stamp_duty_calculator_scotland_shortcode",{"tag":163,"callback":164,"file":147,"line":165},"stamp_duty_calculator_commercial","propertyhive_stamp_duty_calculator_commercial_shortcode",75,{"tag":167,"callback":168,"file":147,"line":169},"stamp_duty_calculator_wales","propertyhive_stamp_duty_calculator_wales_shortcode",77,[],4,{"dangerousFunctions":173,"sqlUsage":174,"outputEscaping":176,"fileOperations":29,"externalRequests":29,"nonceChecks":29,"capabilityChecks":29,"bundledLibraries":207},[],{"prepared":29,"raw":29,"locations":175},[],{"escaped":171,"rawEcho":177,"locations":178},16,[179,183,184,186,188,190,192,194,196,198,199,200,201,203,205,206],{"file":180,"line":181,"context":182},"templates\\stamp-duty-calculator-commercial.php",3,"raw output",{"file":180,"line":49,"context":182},{"file":180,"line":185,"context":182},12,{"file":180,"line":187,"context":182},14,{"file":189,"line":181,"context":182},"templates\\stamp-duty-calculator-scotland.php",{"file":189,"line":191,"context":182},9,{"file":189,"line":193,"context":182},13,{"file":189,"line":195,"context":182},15,{"file":197,"line":181,"context":182},"templates\\stamp-duty-calculator-wales.php",{"file":197,"line":49,"context":182},{"file":197,"line":185,"context":182},{"file":197,"line":187,"context":182},{"file":202,"line":181,"context":182},"templates\\stamp-duty-calculator.php",{"file":202,"line":204,"context":182},10,{"file":202,"line":187,"context":182},{"file":202,"line":177,"context":182},[],[],{"summary":210,"deductions":211},"The property-hive-stamp-duty-calculator plugin version 1.0.28 exhibits a mixed security posture. On the positive side, the code does not utilize dangerous functions, all SQL queries are properly prepared, and there are no direct file operations or external HTTP requests, which are good security practices. The absence of taint analysis findings and zero unprotected entry points also suggest a level of diligence in sanitizing inputs and controlling access.\n\nHowever, significant concerns arise from the lack of any capability checks or nonce checks. This means that even though the entry points are not exposed without authentication, the internal handling of these entry points might be vulnerable if an attacker can bypass or manipulate the user's session. The low percentage of properly escaped output (20%) is a critical weakness, indicating a high risk of Cross-Site Scripting (XSS) vulnerabilities, which aligns with its vulnerability history.\n\nThe plugin has a history of a known CVE, specifically related to Cross-Site Scripting, although it is currently patched. The presence of past XSS vulnerabilities, coupled with the low output escaping rate in static analysis, strongly suggests that XSS remains a persistent risk. While the current version may have fixed past CVEs, the underlying code practices regarding output sanitization are a major concern, leaving it susceptible to new XSS exploits.",[212,214,216,218],{"reason":213,"points":195},"Low output escaping percentage (20%)",{"reason":215,"points":204},"No nonce checks implemented",{"reason":217,"points":204},"No capability checks implemented",{"reason":219,"points":204},"History of Cross-Site Scripting vulnerabilities","2026-03-16T19:14:53.651Z",{"wat":222,"direct":243},{"assetPaths":223,"generatorPatterns":232,"scriptPaths":233,"versionParams":234},[224,225,226,227,228,229,230,231],"\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator.js","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator-scotland.js","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator-commercial.js","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator-wales.js","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator.css","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator-scotland.css","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator-commercial.css","\u002Fwp-content\u002Fplugins\u002Fproperty-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator-wales.css",[],[],[235,236,237,238,239,240,241,242],"property-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator.js?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator-scotland.js?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator-commercial.js?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fjs\u002Fpropertyhive-stamp-duty-calculator-wales.js?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator.css?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator-scotland.css?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator-commercial.css?ver=","property-hive-stamp-duty-calculator\u002Fassets\u002Fcss\u002Fpropertyhive-stamp-duty-calculator-wales.css?ver=",{"cssClasses":244,"htmlComments":245,"htmlAttributes":246,"restEndpoints":247,"jsGlobals":248,"shortcodeOutput":249},[],[],[],[],[],[250,251,252,253],"[stamp_duty_calculator]","[stamp_duty_calculator_scotland]","[stamp_duty_calculator_commercial]","[stamp_duty_calculator_wales]"]