Skip to main content

Request A Quote

5 CVEs product

Monthly

CVE-2024-6231 MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Request A Quote
NVD WPScan
CVSS 3.1
5.9
EPSS
0.4%
CVE-2022-2240 HIGH POC This Week

The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Code Injection Request A Quote
NVD WPScan
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-2239 MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Request A Quote
NVD WPScan
CVSS 3.1
4.8
EPSS
0.5%
CVE-2021-24489 MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Request A Quote
NVD WPScan
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-24420 MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Request A Quote
NVD WPScan
CVSS 3.1
5.4
EPSS
0.6%
EPSS 0% CVSS 5.9
MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Request A Quote
NVD WPScan
EPSS 1% CVSS 8.8
HIGH POC This Week

The Request a Quote WordPress plugin through 2.3.7 does not validate uploaded CSV files, allowing unauthenticated users to attach a malicious CSV file to a quote, which could lead to a CSV injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Code Injection Request A Quote
NVD WPScan
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Request A Quote
NVD WPScan
EPSS 1% CVSS 4.8
MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.3.9 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Request A Quote
NVD WPScan
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Request A Quote
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy