Lucene search
K

86 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-34518

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.01184EPSS
Exploits2References1
patchstack
patchstack
added 2025/09/23 2:14 a.m.6 views

WordPress Request a Quote plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Request a Quote versions = 2.5.0...

6.5CVSS5.8AI score0.00159EPSS
Exploits0Affected Software1
cnvd
cnvd
added 2025/08/18 12:0 a.m.4 views

WordPress Request a Quote Form plugin code execution vulnerability

WordPress Request a Quote Form plugin is a plugin for collecting and managing quote requests with support for custom forms and centralized processing for quote requests for products, services or custom orders. A code execution vulnerability exists in the WordPress Request a Quote Form plugin that...

8.1CVSS8.5AI score0.0096EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/08/06 2:24 a.m.4 views

CVE-2025-8420 Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution

Multiple plugins for WordPress by emarket-design with the 'emd-form-builder-lite' package are vulnerable to Remote Code Execution in various versions via the emdformbuilderlitepagenum function. This is due to the plugin not properly validating user input before using it as a function name. This...

8.1CVSS6.1AI score0.0096EPSS
Exploits0References9
cve
cve
added 2025/08/06 2:24 a.m.37 views

CVE-2025-8420

CVE-2025-8420 affects the WordPress plugin “Request a Quote Form”. The vulnerability arises from improper validation of user input used as a function name within the emd_form_builder_lite_pagenum routine, allowing unauthenticated remote code execution on affected servers. Affected versions are re...

8.1CVSS6.2AI score0.0096EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2025/08/06 12:0 a.m.9 views

PT-2025-32081 · WordPress · Request A Quote Form

Name of the Vulnerable Software and Affected Versions: Request a Quote Form plugin for WordPress versions prior to 2.5.3 Description: The Request a Quote Form plugin for WordPress is susceptible to Remote Code Execution due to improper validation of user input before it is used as a function name...

8.1CVSS7.7AI score0.0096EPSS
Exploits0References5
cnnvd
cnnvd
added 2025/08/06 12:0 a.m.6 views

WordPress plugin Request a Quote Form 安全漏洞

WordPress Request a Quote Form plugin is a plugin for collecting and managing quote requests with support for custom forms and centralized processing for quote requests for products, services or custom orders. A code execution vulnerability exists in the WordPress Request a Quote Form plugin that...

8.1CVSS8.3AI score0.0096EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/23 7:59 a.m.19 views

CVE-2024-6231

The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.7AI score0.00369EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/23 1:54 a.m.8 views

CVE-2023-24654

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function...

8.8CVSS8.3AI score0.01048EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/05/22 6:24 p.m.14 views

CVE-2021-24420

The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the 'All Quotes" table...

5.4CVSS6AI score0.00624EPSS
Exploits2References1
nvd
nvd
added 2025/03/31 9:15 a.m.10 views

CVE-2025-31406

Missing Authorization vulnerability in ELEXtensions ELEX WooCommerce Request a Quote elex-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WooCommerce Request a Quote: from n/a through = 2.3.9...

4.3CVSS0.00288EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/03/31 8:34 a.m.4 views

CVE-2025-31406 WordPress ELEX WooCommerce Request a Quote plugin <= 2.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in ELEXtensions ELEX WooCommerce Request a Quote elex-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ELEX WooCommerce Request a Quote: from n/a through = 2.3.9...

4.3CVSS8.6AI score0.00288EPSS
Exploits0References1
patchstack
patchstack
added 2025/03/31 8:33 a.m.4 views

WordPress ELEX WooCommerce Request a Quote plugin <= 2.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin ELEX WooCommerce Request a Quote versions = 2.3.9...

4.3CVSS8.2AI score0.00288EPSS
Exploits0Affected Software1
nvd
nvd
added 2024/11/23 12:15 p.m.24 views

CVE-2024-11034

The The Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation plugin for WordPress is vulnerable to arbitrary shortcode execution via firecontactform AJAX action in all versions up to, and including, 1.4. This is due to the software...

7.3CVSS0.00727EPSS
Exploits0References4
patchstack
patchstack
added 2024/11/23 5:16 a.m.3 views

WordPress Request a Quote for WooCommerce and Elementor plugin <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form vulnerability

Unauthenticated Arbitrary Shortcode Execution via firecontactform vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Request a Quote for WooCommerce and Elementor versions = 1.4...

7.3CVSS7.1AI score0.00727EPSS
Exploits0References1Affected Software1
nvd
nvd
added 2024/10/31 7:15 a.m.21 views

CVE-2024-9430

The Get Quote For Woocommerce – Request A Quote For Woocommerce plugin for WordPress is vulnerable to unauthorized access of Quote data due to a missing capability check on the cttepfwwploaded function in all versions up to, and including, 1.0.0. This makes it possible for unauthenticated attacke...

5.3CVSS0.0035EPSS
Exploits0References2
patchstack
patchstack
added 2024/07/23 6:33 a.m.4 views

WordPress Request a Quote plugin < 2.4.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Request a Quote versions 2.4.1...

5.9CVSS6.1AI score0.00369EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2024/07/23 6:15 a.m.44 views

CVE-2024-6231

The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS0.00369EPSS
Exploits1References1
osv
osv
added 2024/07/23 6:15 a.m.3 views

CVE-2024-6231

The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS5.8AI score0.00369EPSS
Exploits1References1
cnnvd
cnnvd
added 2024/07/23 12:0 a.m.5 views

WordPress plugin Request a Quote 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

5.9CVSS6AI score0.00369EPSS
Exploits1References2
Rows per page
Query Builder