CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Gravitymaster 1Product Enquiry For Woocommerce Jun 17, 2026 Jan 22, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even...Show more |
1Gravitymaster 1Product Enquiry For Woocommerce Jun 17, 2026 Jan 22, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could allow attackers to make a logged in admin delete them via a CSRF attack |
2Gravitymaster Piwebsolution2Product Enquiry For Woocommerce Product Enquiry For WoocommerceJun 17, 2026 Jan 16, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used a...Show more |
1Gravitymaster 1Product Enquiry For Woocommerce Jun 17, 2026 Dec 18, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Gravity Master Product Enquiry for WooCommerce.This issue affects Product Enquiry for WooCommerce: from n/a through 3.0. |
2Gravitymaster Wphive2Product Enquiry For Woocommerce Product Enquiry For WoocommerceJun 17, 2026 Nov 16, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Gravity Master Product Enquiry for WooCommerce plugin <= 3.0 versions. |
1Gravitymaster 1Product Enquiry For Woocommerce Jun 17, 2026 Nov 13, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Gravity Master Product Enquiry for WooCommerce plugin <= 3.0 versions. |