Product Enquiry For Woocommerce Security Vulnerabilities and Issues — Product Enquiry For Woocommerce CVE List

Lucene search

GravitymasterProduct Enquiry For Woocommerce

3 matches found

CVE•added 2024/07/13 6:15 a.m.•39 views

CVE-2024-3964

The Product Enquiry for WooCommerce WordPress plugin before 3.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite s...

5.9CVSS5.2AI score0.00042EPSS

CVE•added 2024/01/22 8:15 p.m.•38 views

CVE-2023-6626

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite set...

4.8CVSS4.7AI score0.00072EPSS

CVE•added 2024/01/22 8:15 p.m.•27 views

CVE-2023-6625

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack

4.3CVSS4.9AI score0.00044EPSS