WP-Safety

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Security & Risk Analysis

wordpress.org/plugins/stylish-cost-calculator

Cost calculator for WordPress: 🌟 Engage visitors and boost conversions with interactive calculations, lead capture, and payment integrations.

2K active installs v8.2.2 PHP 7.0+ WP 4.0+ Updated Mar 10, 2026
cost-calculatorlead-generationprice-calculatorquote-calculatorsales-funnel-builder
72
B · Generally Safe
CVEs total4
Unpatched1
Last CVEJan 9, 2026
Plugin page Download
Safety Verdict

Is Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Safe to Use in 2026?

Mostly Safe

Score 72/100

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator is generally safe to use. 4 past CVEs were resolved. Keep it updated.

4 known CVEs 1 unpatched Last CVE: Jan 9, 2026Updated 24d ago
Risk Assessment

The "stylish-cost-calculator" v8.2.2 plugin exhibits a mixed security posture. While it demonstrates good practices in using prepared statements for SQL queries (78%) and proper output escaping (85%), several concerning areas require attention. The presence of 3 AJAX handlers without authentication checks represents a significant attack surface that could be exploited by unauthenticated users.

The taint analysis reveals 16 high-severity flows with unsanitized paths, indicating potential vulnerabilities related to improper input handling. This, coupled with a history of 4 medium-severity CVEs, with one still unpatched, suggests recurring issues with missing authorization and cross-site scripting.

Overall, the plugin has potential strengths in its use of secure coding practices for database interactions and output rendering. However, the identified unauthenticated entry points, high-severity taint flows, and historical vulnerability patterns indicate that the plugin is not entirely secure and requires further review and remediation to mitigate potential risks.

Key Concerns

  • AJAX handlers without authentication checks
  • High severity taint flows with unsanitized paths
  • Unpatched CVE
  • Vulnerability history indicating common types (Auth, XSS)
  • Low capability check coverage
Vulnerabilities
4

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Security Vulnerabilities

CVEs by Year

1 CVE in 2021
2021
1 CVE in 2022
2022
1 CVE in 2025
2025
1 CVE in 2026 · unpatched
2026
Patched Has unpatched

Severity Breakdown

Medium
4

4 total CVEs

CVE-2026-24630medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Stylish Cost Calculator <= 8.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

Jan 9, 2026Unpatched
CVE-2025-66091medium · 6.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Stylish Cost Calculator <= 8.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

Nov 14, 2025 Patched in 8.1.6 (11d)
WF-84003388-c47c-41db-8d2d-4643aa375a89-stylish-cost-calculatormedium · 4.3Missing Authorization

Appsero <= 1.2.1 - Missing Authorization

Dec 16, 2022 Patched in 7.3.7 (699d)
CVE-2021-24822medium · 5.4Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Stylish Cost Calculator <= 7.0.3 - Stored Cross-Site Scripting

Nov 1, 2021 Patched in 7.0.4 (813d)
Code Analysis
Analyzed Mar 16, 2026

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Code Analysis

Dangerous Functions
0
Raw SQL Queries
47
170 prepared
Unescaped Output
457
2659 escaped
Nonce Checks
60
Capability Checks
1
File Operations
15
External Requests
18
Bundled Libraries
1

Bundled Libraries

dompdf

SQL Query Safety

78% prepared217 total queries

Output Escaping

85% escaped3116 total outputs
Data Flows
18 unsanitized

Data Flow Analysis

24 flows18 with unsanitized paths
scc_addCheckboxItems (stylish-cost-ajax.php:1435)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
3 unprotected

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Attack Surface

Entry Points59
Unprotected3

AJAX Handlers 57

authwp_ajax_scc_submit_support_requestadmin\controllers\support-controller.php:8
authwp_ajax_scc_notification_dismisscron\notifications.php:11
authwp_ajax_sccCalculatorOpstylish-cost-ajax.php:20
authwp_ajax_sscLoadExamplestylish-cost-ajax.php:26
authwp_ajax_sccAddCheckboxItemsstylish-cost-ajax.php:28
authwp_ajax_sccAddElementCheckboxstylish-cost-ajax.php:29
authwp_ajax_sccAddElementCommentBoxstylish-cost-ajax.php:30
authwp_ajax_sccAddElementQuantityBoxstylish-cost-ajax.php:31
authwp_ajax_sccAddElementFileUploadstylish-cost-ajax.php:32
authwp_ajax_sccAddElementTextHtmlstylish-cost-ajax.php:34
authwp_ajax_sccAddElementDatestylish-cost-ajax.php:35
authwp_ajax_sccAddElementSliderstylish-cost-ajax.php:36
authwp_ajax_sccSaveSectionstylish-cost-ajax.php:37
authwp_ajax_sccDelSectionstylish-cost-ajax.php:38
authwp_ajax_sccUpSectionstylish-cost-ajax.php:39
authwp_ajax_sccDelSubsectionstylish-cost-ajax.php:40
authwp_ajax_sccAddSubsectionstylish-cost-ajax.php:41
authwp_ajax_sccDelElementstylish-cost-ajax.php:42
authwp_ajax_sccDelElementItemstylish-cost-ajax.php:43
authwp_ajax_sccAddElementSwichoptionstylish-cost-ajax.php:44
authwp_ajax_sccUpElementstylish-cost-ajax.php:45
authwp_ajax_sccUpElementOrderstylish-cost-ajax.php:46
authwp_ajax_sccUpElementItemSwichoptionstylish-cost-ajax.php:47
authwp_ajax_sccAddElementDropdownMenustylish-cost-ajax.php:48
authwp_ajax_sccUpElementItemSliderstylish-cost-ajax.php:49
authwp_ajax_sccAddElementItemSliderstylish-cost-ajax.php:50
authwp_ajax_sccSaveFormstylish-cost-ajax.php:52
authwp_ajax_sccPreviewOneFormstylish-cost-ajax.php:54
authwp_ajax_sccDuplicateElementstylish-cost-ajax.php:56
authwp_ajax_sccGlobalSettingsstylish-cost-ajax.php:57
authwp_ajax_sccMigrateAuto2stylish-cost-ajax.php:60
authwp_ajax_sccUpdateSectionOrderstylish-cost-ajax.php:64
authwp_ajax_scc_update_value_6_by_idstylish-cost-ajax.php:65
authwp_ajax_sccPDFSettingsstylish-cost-ajax.php:67
authwp_ajax_scc_feedback_managestylish-cost-ajax.php:68
authwp_ajax_scc_get_debug_itemsstylish-cost-ajax.php:69
authwp_ajax_scc_update_slider_rangesstylish-cost-ajax.php:70
authwp_ajax_scc_send_wizard_quiz_datastylish-cost-ajax.php:71
authwp_ajax_scc_set_telemetry_statestylish-cost-ajax.php:72
authwp_ajax_df_scc_uninstall_surveystylish-cost-ajax.php:73
authwp_ajax_scc_skip_premium_demo_modalstylish-cost-ajax.php:75
authwp_ajax_scc_ai_wizard_requeststylish-cost-ajax.php:77
authwp_ajax_scc_ai_wizard_add_elementsstylish-cost-ajax.php:78
authwp_ajax_scc_ai_wizard_add_calculator_settingsstylish-cost-ajax.php:79
authwp_ajax_scc_ai_check_licensestylish-cost-ajax.php:80
authwp_ajax_scc_get_smtp_statusstylish-cost-ajax.php:81
authwp_ajax_scc_get_email_log_statusstylish-cost-ajax.php:82
authwp_ajax_scc_check_woocommerce_configstylish-cost-ajax.php:83
authwp_ajax_scc_ai_check_creditsstylish-cost-ajax.php:84
authwp_ajax_scc_ai_get_site_info_with_aistylish-cost-ajax.php:85
authwp_ajax_scc_sync_wizard_suggestions_statestylish-cost-ajax.php:86
authwp_ajax_scc_skip_welcome_modalstylish-cost-ajax.php:87
authwp_ajax_scc_update_calculator_data_schemastylish-cost-ajax.php:89
authwp_ajax_scc_get_icon_liststylish-cost-ajax.php:91
authwp_ajax_scc_get_edit_page_calc_configstylish-cost-ajax.php:92
noprivwp_ajax_sccUpdateUrlStatsstylish-cost-ajax.php:96
authwp_ajax_sccUpdateUrlStatsstylish-cost-ajax.php:97

Shortcodes 2

[scc_calculator] stylish-cost-calculator.php:120
[scc_calculator-total] stylish-cost-calculator.php:121
WordPress Hooks 42
filterqueryadmin\controllers\conditionController.php:25
actionadmin_initadmin\controllers\initialSetupWizardController.php:14
actioninitadmin\integrations\gutenberg-block\class-scc-gutenberg-block.php:33
actionenqueue_block_editor_assetsadmin\integrations\gutenberg-block\class-scc-gutenberg-block.php:34
actionadmin_footeradmin\views\adminFooter.php:9
actionadmin_menuadmin\views\calculatorQuotes.php:20
actionadmin_headadmin\views\calculatorQuotes.php:21
actionscc_get_quote_form_fieldsadmin\views\calculatorQuotes.php:54
actionadmin_menuadmin\views\coupons.php:11
actionadmin_menuadmin\views\diagnostic.php:14
actionscc_render_noticesadmin\views\partials\notificationBox.php:3
actionscc_render_try_demo_noticesadmin\views\partials\notificationBox.php:10
actionadmin_enqueue_scriptsadmin\views\support.php:12
actionadmin_footeradmin\views\uninstallSurveyModal.php:8
actionscc_notifications_fetch_eventcron\notifications.php:10
actionelementor/widgets/registerelementor-widgets\class-scc-elementor-widget-init.php:28
actiondf_scc_print_quote_formfrontend\controllers\frontendController.php:35
actionadmin_footerfunctions.php:555
actionadmin_initfunctions.php:559
actioninitstylish-cost-calculator.php:97
actionadmin_print_scriptsstylish-cost-calculator.php:103
actionupgrader_process_completestylish-cost-calculator.php:106
actionadmin_menustylish-cost-calculator.php:108
actioncurrent_screenstylish-cost-calculator.php:109
filteraioseo_conflicting_shortcodesstylish-cost-calculator.php:111
actionwp_enqueue_scriptsstylish-cost-calculator.php:123
actionadmin_enqueue_scriptsstylish-cost-calculator.php:125
actionadmin_bar_menustylish-cost-calculator.php:128
actionplugins_loadedstylish-cost-calculator.php:129
actionwp_footerstylish-cost-calculator.php:616
actionwp_footerstylish-cost-calculator.php:626
actionwp_footerstylish-cost-calculator.php:654
filtercron_schedulesstylish-cost-sero.php:10
actionscc-edit-pagestylish-cost-sero.php:27
actionadmin_print_stylesstylish-cost-sero.php:28
filterrocket_exclude_jsutils\class-cache-plugins-exclusion-hook.php:15
filterlitespeed_optimize_js_excludesutils\class-cache-plugins-exclusion-hook.php:16
filterflying_press_exclude_from_minify:jsutils\class-cache-plugins-exclusion-hook.php:17
filterflying_press_exclude_from_defer:jsutils\class-cache-plugins-exclusion-hook.php:18
filterflying_press_exclude_from_delay:jsutils\class-cache-plugins-exclusion-hook.php:19
filterautoptimize_filter_js_excludeutils\class-cache-plugins-exclusion-hook.php:20
filterw3tc_minify_js_do_tag_minificationutils\class-cache-plugins-exclusion-hook.php:21

Scheduled Events 2

scc_notifications_fetch_event
scc_notifications_fetch_event
Maintenance & Trust

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4
Last updatedMar 10, 2026
PHP min version7.0
Downloads216K

Community Trust

Rating96/100
Number of ratings174
Active installs2K
Alternatives

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Alternatives

ConvertCalculator: Build Cost, Price, Quotation, ROI Interactive Calculators

ConvertCalculator: Build Cost, Price, Quotation, ROI Interactive Calculators

convertcalculator

A
99

Easily build calculators for your landing pages and web applications with Convert_'s intuitive calculator builder.

900 2 CVEs
Project Cost Calculator

Project Cost Calculator

project-cost-calculator

C
63

Best Project Cost Calculator For WordPress Agencies ★★★★★ WordPress project cost calculator is a free plugin that displays an estimate of what your p &hellip;

100 1 unpatched
PriceWise Calculator Pro – Extra Product Options for WooCommerce

PriceWise Calculator Pro – Extra Product Options for WooCommerce

pricewise-calculator-pro

A
100

A free WooCommerce price calculator plugin. Customers enter their measurements or quantities, and the price updates on the spot.

0 No CVEs
Hostinger Reach – AI-Powered Email Marketing for WordPress

Hostinger Reach – AI-Powered Email Marketing for WordPress

hostinger-reach

A
100

Launch and grow your email marketing effortlessly with Hostinger Reach. Collect contacts, sync subscribers, and send emails – all in one, AI powered.

1.0M No CVEs
CartFlows – Funnel Builder & Checkout Plugin for WooCommerce

CartFlows – Funnel Builder & Checkout Plugin for WooCommerce

cartflows

A
97

1 WordPress funnel builder & WooCommerce checkout plugin. Boost AOV with one-click upsells, order bumps & high-converting checkout pages.

200K 6 CVEs
Developer Profile

Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator Developer Profile

Design

5 plugins · 5K total installs

71
trust score
Avg Security Score
89/100
Avg Patch Time
359 days
View full developer profile
Detection Fingerprints

How We Detect Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/stylish-cost-calculator/assets/css/frontend.css/wp-content/plugins/stylish-cost-calculator/assets/css/fancybox.css/wp-content/plugins/stylish-cost-calculator/assets/js/frontend.js/wp-content/plugins/stylish-cost-calculator/assets/js/moment.min.js/wp-content/plugins/stylish-cost-calculator/assets/js/fancybox.umd.js/wp-content/plugins/stylish-cost-calculator/assets/js/price.js/wp-content/plugins/stylish-cost-calculator/assets/js/select2.min.js/wp-content/plugins/stylish-cost-calculator/assets/css/select2.min.css+9 more
Script Paths
/wp-content/plugins/stylish-cost-calculator/assets/js/frontend.js/wp-content/plugins/stylish-cost-calculator/assets/js/moment.min.js/wp-content/plugins/stylish-cost-calculator/assets/js/fancybox.umd.js/wp-content/plugins/stylish-cost-calculator/assets/js/price.js/wp-content/plugins/stylish-cost-calculator/assets/js/select2.min.js/wp-content/plugins/stylish-cost-calculator/lib/vue/js/app.js+3 more
Version Parameters
stylish-cost-calculator/assets/css/frontend.css?ver=stylish-cost-calculator/assets/css/fancybox.css?ver=stylish-cost-calculator/assets/js/frontend.js?ver=stylish-cost-calculator/assets/js/moment.min.js?ver=stylish-cost-calculator/assets/js/fancybox.umd.js?ver=stylish-cost-calculator/assets/js/price.js?ver=stylish-cost-calculator/assets/js/select2.min.js?ver=stylish-cost-calculator/assets/css/select2.min.css?ver=stylish-cost-calculator/lib/vue/css/app.css?ver=stylish-cost-calculator/lib/vue/js/app.js?ver=stylish-cost-calculator/lib/vue/js/chunk-vendors.js?ver=stylish-cost-calculator/assets/css/admin.css?ver=stylish-cost-calculator/assets/js/admin.js?ver=stylish-cost-calculator/assets/js/jquery.nice-select.js?ver=stylish-cost-calculator/assets/css/jquery.nice-select.css?ver=stylish-cost-calculator/assets/css/animate.min.css?ver=stylish-cost-calculator/assets/css/scc-frontend-styles.css?ver=

HTML / DOM Fingerprints

CSS Classes
scc-calculator-wrapperscc-calculator-fieldscc-form-builder-wrapperscc-form-builder-fielddf-scc-editor-wrapper
HTML Comments
<!-- START SCC SHORTCODE --><!-- END SCC SHORTCODE --><!-- START SCC FORM BUILDER --><!-- END SCC FORM BUILDER -->+10 more
Data Attributes
data-scc-iddata-form-iddata-scc-form-iddata-calc-id
JS Globals
scc_frontend_datascc_admin_dataSCC_FrontendSCC_FormBuilder
REST Endpoints
/wp-json/scc/v1/get_form_data/wp-json/scc/v1/save_form_data/wp-json/scc/v1/get_all_forms/wp-json/scc/v1/delete_form/wp-json/scc/v1/duplicate_form/wp-json/scc/v1/get_form_builder_data
Shortcode Output
[scc_calculator][scc_calculator-total]
FAQ

Frequently Asked Questions about Stylish Cost Calculator – Quote Generator, Lead Gen & Price Estimator