Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation 1.4

  • Severity: high-risk
  • Status: Fixed
  • Publication: November 22, 2024

A plugin for WordPress called “Request a Quote” has a problem where it can run shortcodes without checking if they are safe first. This means that people who are not logged in can use this to run any code they want.

Detected in:

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation fixed vulnerable versions:
Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation fixed vulnerable versions: >= * <= 1.4

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.