cleantalk
Vulnerabilities and Security Researches

Request a Quote, CVE-2021-24420

CVE, Research URL

CVE-2021-24420

Home page URL

Security reports for Request a Quote

Application

Request a Quote

Published on
Jul 13, 2021
Research Description
The Request a Quote WordPress plugin before 2.3.4 did not sanitise and escape some of its quote fields when adding/editing a quote as admin, leading to Stored Cross-Site scripting issues when the quote is output in the 'All Quotes" table.
Affected versions
Min -, max 2.3.7.
Status
vulnerable
Previous vulnerability researches
ELEX WooCommerce Request a Quote (CVE-2025-31406) , Apr 02, 2025
Request a Quote (CVE-2025-8420) , Aug 06, 2025
Request a Quote (CVE-2022-2240) , Jun 07, 2024
Request a Quote (CVE-2021-24420) , Jun 07, 2024
Request a Quote (CVE-2021-24489) , Jun 07, 2024
New vulnerability
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2025-7727) , Aug 07, 2025
Flex Guten – A Multipurpose Gutenberg Blocks Plugin (CVE-2025-6256) , Aug 07, 2025
Simple File List (CVE-2025-54021) , Aug 07, 2025
Newsletters (CVE-2025-54034) , Aug 07, 2025
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-6986) , Aug 07, 2025