Product Enquiry For Woocommerce Security Vulnerabilities and Issues — Product Enquiry For Woocommerce CVE List

Lucene search

GravitymasterProduct Enquiry For Woocommerce

5 matches found

CVE•added 2023/12/18 11:15 p.m.•59 views

CVE-2023-49761

Cross-Site Request Forgery (CSRF) vulnerability in Gravity Master Product Enquiry for WooCommerce.This issue affects Product Enquiry for WooCommerce: from n/a through 3.0.

8.8CVSS7AI score0.00059EPSS

CVE•added 2024/07/13 6:15 a.m.•39 views

CVE-2024-3964

The Product Enquiry for WooCommerce WordPress plugin before 3.1.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite s...

5.9CVSS5.2AI score0.00042EPSS

CVE•added 2024/01/22 8:15 p.m.•38 views

CVE-2023-6626

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite set...

4.8CVSS4.7AI score0.00072EPSS

CVE•added 2023/11/13 11:15 p.m.•33 views

CVE-2023-47696

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Product Enquiry for WooCommerce plugin

7.1CVSS5.9AI score0.00096EPSS

CVE•added 2024/01/22 8:15 p.m.•27 views

CVE-2023-6625

The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack

4.3CVSS4.9AI score0.00044EPSS