77 matches found
WordPress Request a Quote – Quote Forms for Any WordPress Site plugin <= 2.5.5 - Unauthenticated Code Injection vulnerability
Unauthenticated Code Injection vulnerability discovered by Mitchell in WordPress Plugin Request a Quote versions = 2.5.5...
CVE-2026-14249
The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emddeletefile AJAX action. This is due to the emddeletefile handler deriving a PHP function name from the attacker-controlled $POST'path' parameter and invoking it dynamically...
CVE-2026-14249
The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emddeletefile AJAX action. This is due to the emddeletefile handler deriving a PHP function name from the attacker-controlled $POST'path' parameter and invoking it dynamically...
CVE-2026-14249 Request a Quote Form Plugin <= 2.5.5 - Unauthenticated Code Injection via 'path' Parameter
The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emddeletefile AJAX action. This is due to the emddeletefile handler deriving a PHP function name from the attacker-controlled $POST'path' parameter and invoking it dynamically...
PT-2026-54640
Name of the Vulnerable Software and Affected Versions Request a Quote versions prior to 2.5.6 Description The Request a Quote plugin for WordPress allows unauthenticated attackers to perform code injection. The issue occurs because the emd delete file function derives a PHP function name from the...
WordPress Dealia - Request a quote plugin <= 1.0.6 - Missing Authorization to Authenticated (Contributor+) Plugin Configuration Reset vulnerability
WordPress Dealia - Request a quote plugin = 1.0.6 - Missing Authorization to Authenticated Contributor+ Plugin Configuration Reset vulnerability discovered by Ronnachai Sretawat Na Ayutaya Simonhaskelly - Reconix Co., Ltd. in WordPress Plugin Dealia versions = 1.0.6...
CVE-2026-24366
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Request A Quote: from n/a through = 2.46.0...
CVE-2026-24366 WordPress YITH WooCommerce Request A Quote plugin <= 2.46.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Request A Quote: from n/a through = 2.46.0...
PT-2026-4258
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Request A Quote: from n/a through = 2.46.0...
WordPress YITH WooCommerce Request A Quote plugin <= 2.46.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by PPzzAArr in WordPress Plugin YITH WooCommerce Request A Quote versions = 2.46.0...
CVE-2025-64248
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through = 2.5.3...
EUVD-2025-203602
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through = 2.5.3...
CVE-2025-64248
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through = 2.5.3...
CVE-2025-64248 WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through = 2.5.3...
CVE-2025-64248 WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in emarket-design Request a Quote request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Request a Quote: from n/a through = 2.5.3...
CVE-2025-64248
Technical details for CVE-2025-64248 are not provided in the supplied documents; no affected products, root cause, or remediation are disclosed here. Monitor for updates from official advisories.
WordPress plugin Request a Quote 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A security...
PT-2025-51396
Name of the Vulnerable Software and Affected Versions emarket-design versions through 2.5.3 Description An authorization issue exists in the Request a Quote functionality of emarket-design. The issue involves incorrectly configured access control security levels, potentially allowing unauthorized...
EUVD-2021-11401
Malware in sbrugna...
EUVD-2023-28665
Malicious code in bioql PyPI...