Boopis WooCommerce RFQ Security & Risk Analysis

wordpress.org/plugins/boopis-woocommerce-rfq

Replaces products with a price of zero to an open form for inquiry

70 active installs · v3.0.9 · PHP + WP 3.8.0+ · Updated Jul 25, 2024
Tags: hide-price, quote-request, request-quote, rfq, zero-price
Score: 92
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Boopis WooCommerce RFQ Safe to Use in 2026?

Generally Safe

Score 92/100

Boopis WooCommerce RFQ has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The "boopis-woocommerce-rfq" plugin v3.0.9 presents a mixed security posture. It has a clean vulnerability history, with no known CVEs and no bundled libraries, but the static analysis reveals several areas of concern regarding its attack surface and code hygiene. Four of its six AJAX handlers lack proper authentication checks, creating potential entry points for unauthorized actions. Furthermore, the plugin's SQL queries are not prepared, indicating a risk of SQL injection, and a large share of its output is not properly escaped, raising the possibility of cross-site scripting (XSS).

The taint analysis, while limited in scope with only 3 flows analyzed, did identify one flow with unsanitized paths. Although this flow did not reach a critical or high severity in the analysis, it is indicative of potential issues with how user-supplied data is handled, especially when combined with the lack of prepared SQL statements and unescaped output. The presence of nonce checks and capability checks is a positive sign, demonstrating some awareness of WordPress security best practices. However, the lack of these checks on a substantial number of AJAX handlers, coupled with the unescaped output and raw SQL queries, outweighs the strengths and suggests that the plugin requires significant security improvements to be considered robust.

Key Concerns

  • AJAX handlers without authentication checks
  • SQL queries without prepared statements
  • Insufficient output escaping
  • Flow with unsanitized paths (taint analysis)
Vulnerabilities
None known

Boopis WooCommerce RFQ Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Boopis WooCommerce RFQ Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 1 (0 prepared)
Unescaped Output: 91 (68 escaped)
Nonce Checks: 5
Capability Checks: 3
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

0% prepared · 1 total queries

Output Escaping

43% escaped · 159 total outputs
Data Flows
1 unsanitized

Data Flow Analysis

3 flows · 1 with unsanitized paths
<proposal> (templates\form\proposal.php:0)
Attack Surface
4 unprotected

Boopis WooCommerce RFQ Attack Surface

Entry Points: 7
Unprotected: 4

AJAX Handlers 6

auth · wp_ajax_woocommerce_add_to_quote · includes\class-boopis-rfq-front.php:50
nopriv · wp_ajax_woocommerce_add_to_quote · includes\class-boopis-rfq-front.php:51
auth · wp_ajax_boopis_rfq_process_form · includes\class-boopis-rfq-front.php:52
nopriv · wp_ajax_boopis_rfq_process_form · includes\class-boopis-rfq-front.php:53
auth · wp_ajax_boopis_rfq_process_proposal · includes\class-boopis-rfq-front.php:54
nopriv · wp_ajax_boopis_rfq_process_proposal · includes\class-boopis-rfq-front.php:55

Shortcodes 1

[boopis_rfq] boopis-rfq.php:32
WordPress Hooks 47
action · plugins_loaded · boopis-rfq.php:89
filter · woocommerce_email_classes · boopis-rfq.php:90
action · admin_menu · boopis-rfq.php:91
filter · plugin_action_links · boopis-rfq.php:92
action · wp_enqueue_scripts · boopis-rfq.php:93
action · init · includes\class-boopis-rfq-admin.php:12
filter · wc_order_statuses · includes\class-boopis-rfq-admin.php:15
filter · wc_order_is_editable · includes\class-boopis-rfq-admin.php:17
filter · woocommerce_email_actions · includes\class-boopis-rfq-admin.php:19
action · add_meta_boxes · includes\class-boopis-rfq-admin.php:21
action · save_post · includes\class-boopis-rfq-admin.php:23
action · woocommerce_order_actions · includes\class-boopis-rfq-admin.php:25
action · woocommerce_order_action_boopis_rfq_send_quote · includes\class-boopis-rfq-admin.php:27
filter · woocommerce_locate_template · includes\class-boopis-rfq-admin.php:29
filter · woocommerce_locate_core_template · includes\class-boopis-rfq-admin.php:30
filter · woocommerce_valid_order_statuses_for_payment · includes\class-boopis-rfq-admin.php:31
filter · the_title · includes\class-boopis-rfq-admin.php:32
filter · woocommerce_price_html · includes\class-boopis-rfq-front.php:12
filter · woocommerce_sale_price_html · includes\class-boopis-rfq-front.php:13
filter · woocommerce_get_price_html · includes\class-boopis-rfq-front.php:14
filter · woocommerce_variation_price_html · includes\class-boopis-rfq-front.php:15
filter · woocommerce_get_variation_price_html · includes\class-boopis-rfq-front.php:16
filter · woocommerce_variation_sale_price_html · includes\class-boopis-rfq-front.php:17
filter · woocommerce_variable_sale_price_html · includes\class-boopis-rfq-front.php:18
filter · woocommerce_variable_price_html · includes\class-boopis-rfq-front.php:19
filter · woocommerce_empty_price_html · includes\class-boopis-rfq-front.php:23
filter · woocommerce_variable_empty_price_html · includes\class-boopis-rfq-front.php:24
filter · woocommerce_variation_empty_price_html · includes\class-boopis-rfq-front.php:25
filter · woocommerce_free_price_html · includes\class-boopis-rfq-front.php:31
filter · woocommerce_free_sale_price_html · includes\class-boopis-rfq-front.php:32
filter · woocommerce_variation_free_price_html · includes\class-boopis-rfq-front.php:33
filter · woocommerce_grouped_price_html · includes\class-boopis-rfq-front.php:34
filter · add_to_cart_text · includes\class-boopis-rfq-front.php:37
filter · add_to_cart_url · includes\class-boopis-rfq-front.php:38
filter · add_to_cart_class · includes\class-boopis-rfq-front.php:39
action · woocommerce_before_add_to_cart_button · includes\class-boopis-rfq-front.php:40
action · woocommerce_after_add_to_cart_button · includes\class-boopis-rfq-front.php:41
action · woocommerce_before_add_to_cart_form · includes\class-boopis-rfq-front.php:42
filter · woocommerce_loop_add_to_cart_link · includes\class-boopis-rfq-front.php:45
action · before_woocommerce_init · includes\class-boopis-rfq-front.php:48
filter · woocommerce_params · includes\class-boopis-rfq-front.php:49
action · init · includes\class-boopis-rfq-front.php:56
action · init · includes\class-boopis-rfq-front.php:57
action · init · includes\class-boopis-rfq-session.php:33
action · woocommerce_order_status_expired-quote_notification · includes\emails\class-boopis-rfq-customer-email-expired-quote.php:33
action · woocommerce_order_status_new-quote_to_pending-quote_notification · includes\emails\class-boopis-rfq-customer-email-pending-quote.php:33
action · woocommerce_order_status_pending-quote_to_failed-quote_notification · includes\emails\class-boopis-rfq-email-failed-quote.php:32
Maintenance & Trust

Boopis WooCommerce RFQ Maintenance & Trust

Maintenance Signals

WordPress version tested: 4.7.32
Last updated: Jul 25, 2024
PHP min version
Downloads: 12K

Community Trust

Rating: 72/100
Number of ratings: 17
Active installs: 70
Developer Profile

Boopis WooCommerce RFQ Developer Profile

David

1 plugin · 70 total installs

Trust score: 88
Avg Security Score: 92/100
Avg Patch Time: 30 days
Detection Fingerprints

How We Detect Boopis WooCommerce RFQ

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/boopis-woocommerce-rfq/assets/css/styles.css
/wp-content/plugins/boopis-woocommerce-rfq/assets/js/frontend/add-to-quote.js
Script Paths
/wp-content/plugins/boopis-woocommerce-rfq/assets/js/frontend/add-to-quote.js
Version Parameters
boopis-woocommerce-rfq/assets/css/styles.css?ver=
boopis-woocommerce-rfq/assets/js/frontend/add-to-quote.js?ver=

HTML / DOM Fingerprints

CSS Classes
boopis-rfq-form
HTML Comments
<!-- BOOPIS RFQ TEMPLATE FILE -->
Data Attributes
data-rfq-ajax-url
JS Globals
boopis_rfq_ajax_obj
Shortcode Output
[boopis_rfq]
FAQ

Frequently Asked Questions about Boopis WooCommerce RFQ