8 matches found
CVE-2026-24366
Missing Authorization vulnerability in YITHEMES YITH WooCommerce Request A Quote yith-woocommerce-request-a-quote allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YITH WooCommerce Request A Quote: from n/a through = 2.46.0...
WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Request a Quote versions = 2.5.3...
CVE-2022-3942
A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=requestquote. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-213449...
WordPress Request a Quote Plugin < 2.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Request a Quote Type Plugin Vulnerable versions 2.4.1 Fixed in 2.4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6231 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f268c6d3e880 Credits Bob Matyas Required...
Cross site scripting
A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=requestquote. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-213449...
CVE-2022-2239
The Request a Quote WordPress plugin before 2.3.9 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...
PT-2021-16012 · WordPress +1 · Request A Quote +1
Name of the Vulnerable Software and Affected Versions: Request a Quote WordPress plugin versions prior to 2.3.9 Description: The issue is related to authenticated Stored Cross-Site Scripting, which occurs due to the lack of sanitization, validation, or escaping of some settings in the admin...
searchenginegenie.com XSS vulnerability
Open Bug Bounty ID: OBB-410830 Description| Value ---|--- Affected Website:| searchenginegenie.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...