Request a Quote Form Plugin – Price Quote Request Management Made Easy

Vulnerabilities 12Slug request-a-quoteLatest version 2.5.5WordPress.org →

Minimum safe version

2.5.4

Update to 2.5.4 or later to address 10 fixable vulnerabilities

Latest available2.5.5 ✓Affected up to2.3.7 ⚠

Medium 4.3

2025-12-16< 2.5.4

CVE-2025-64248

CVE Wordfence

N/A

2025-09-23< 2.5.1

Multiple Plugins by eMarket Design <= Various Versions - Authenticated (Contributor+) Stored Cross-Site Scripting

Wordfence CVE

High 8.1

2025-08-06< 2.5.3

WordPress Request a Quote Plugin <= 2.5.2 is vulnerable to Remote Code Execution (RCE)

EUVD Patchstack Wordfence CVE

Medium 5.9

2024-07-23< 2.4.1

CVE-2024-6231

CVE Patchstack Wordfence

N/A

2023-06-30< 2.3.11

WordPress Request a Quote Plugin < 2.3.11 is vulnerable to Cross Site Request Forgery (CSRF)

Patchstack

N/A

2023-06-30< 2.3.11

Request a Quote <= 2.3.10 - Cross-Site Request Forgery

Wordfence

High 8.8

2022-07-25< 2.3.8

CVE-2022-2240

CVE Wordfence

Medium 4.8

2022-07-25< 2.3.9

CVE-2022-2239

CVE Wordfence WPScan

N/A

2022-06-28≤ 2.3.7

WordPress Request a Quote plugin <= 2.3.7 - CSV Injection vulnerability

Patchstack

N/A

2022-06-28≤ 2.3.7

WordPress Request a Quote plugin <= 2.3.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Patchstack

Medium 5.4

2021-07-12< 2.3.4

CVE-2021-24420

CVE Patchstack Wordfence WPScan

Medium 4.8

2021-10-25< 2.3.9

CVE-2021-24489

CVE Patchstack Wordfence WPScan