Codeinitiator

codeinitiator

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Fitness Calculators

fitness_calculators

1 CVE

Fitness Calculators Plugin

fitness_calculators_plugin

1 CVE

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-40552 1Codeinitiator 1Fitness Calculators Plugin Jun 17, 2026 Sep 6, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gurcharan Singh Fitness calculators plugin plugin <= 2.0.7 versions.
CVE-2021-24272 1Codeinitiator 1Fitness Calculators Jun 17, 2026 May 5, 2021 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted...Show more The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted actions, such as change the calculator headers. Due to the lack of sanitisation, this could also lead to a Stored Cross-Site Scripting issueShow less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-40552

1Codeinitiator

1Fitness Calculators Plugin

Jun 17, 2026

Sep 6, 2023

N/A· v4

4.8 MEDIUM· v3

N/A· v2

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gurcharan Singh Fitness calculators plugin plugin <= 2.0.7 versions.

CVE-2021-24272

1Codeinitiator

1Fitness Calculators

Jun 17, 2026

May 5, 2021

N/A· v4

4.3 MEDIUM· v3

4.3 MEDIUM· v2

The fitness calculators WordPress plugin before 1.9.6 add calculators for Water intake, BMI calculator, protein Intake, and Body Fat and was lacking CSRF check, allowing attackers to make logged in users perform unwanted actions, such as change the calculator headers. Due to the lack of sanitisation, this could also lead to a Stored Cross-Site Scripting issueShow less