cleantalk
Vulnerabilities and Security Researches

Request a Quote, CVE-2024-6231

CVE, Research URL

CVE-2024-6231

Home page URL

Security reports for Request a Quote

Application

Request a Quote

Published on
Jul 23, 2024
Research Description
The Request a Quote WordPress plugin before 2.4.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Affected versions
Min -, max 2.4.1.
Status
vulnerable
Previous vulnerability researches
ELEX WooCommerce Request a Quote (CVE-2025-31406) , Apr 02, 2025
Request a Quote (CVE-2025-8420) , Aug 06, 2025
Request a Quote (CVE-2022-2240) , Jun 07, 2024
Request a Quote (CVE-2021-24420) , Jun 07, 2024
Request a Quote (CVE-2021-24489) , Jun 07, 2024
New vulnerability
Gutenverse – Gutenberg Blocks – Page Builder for Site Editor (CVE-2025-7727) , Aug 07, 2025
Flex Guten – A Multipurpose Gutenberg Blocks Plugin (CVE-2025-6256) , Aug 07, 2025
Simple File List (CVE-2025-54021) , Aug 07, 2025
Newsletters (CVE-2025-54034) , Aug 07, 2025
FileBird – WordPress Media Library Folders & File Manager (CVE-2025-6986) , Aug 07, 2025