cleantalk
Vulnerabilities and Security Researches

Email Inquiry & Cart Options for WooCommerce, CVE-2026-24526

CVE, Research URL

CVE-2026-24526

Home page URL

Security reports for Email Inquiry & Cart Options for WooCommerce

Application

Email Inquiry & Cart Options for WooCommerce

Published on
Jan 23, 2026
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steve Truman Email Inquiry &amp; Cart Options for WooCommerce woocommerce-email-inquiry-cart-options allows DOM-Based XSS.This issue affects Email Inquiry &amp; Cart Options for WooCommerce: from n/a through <= 3.4.3.
Affected versions
max 3.4.3.
Status
vulnerable
Previous vulnerability researches
Inquiry cart (CVE-2026-4090) , Apr 23, 2026
Inquiry cart (CVE-2024-5155) , Jun 06, 2024
Email Inquiry &amp; Cart Options for WooCommerce (CVE-2026-24526) , Jan 27, 2026
New vulnerability
Portfolio &amp; Image Gallery for WordPress | PowerFolio (CVE-2025-57932) , Apr 24, 2026
Bold Page Builder (CVE-2025-7730) , Apr 24, 2026
Flexi &#8211; Guest Submit (CVE-2025-9129) , Apr 24, 2026
Maps for WP (CVE-2025-57952) , Apr 24, 2026
Poll Maker &#8211; Best WordPress Poll Plugin (CVE-2025-57954) , Apr 24, 2026