WordPress Request a Quote plugin <= 2.3.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

2022-06-2800:00:00

Benachi

patchstack.com

wordpress

request a quote

plugin

authenticated

stored

cross-site scripting

benachi

deactivate

delete

temporary

closure

review

EPSS

0.001

Percentile

24.8%

JSON

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered by Benachi in WordPress Request a Quote plugin (versions <= 2.3.7).

Solution

Deactivate and delete. This plugin has been closed as of June 21, 2022 and is not available for download. This closure is temporary, pending a full review.

References

wpscan.com/vulnerability/42127d96-547f-46cb-95d0-a19a8fe7580e

EPSS

0.001

Percentile

24.8%

JSON

Related for PATCHSTACK:CAEFB95F2120403D00F9A098E9852359