Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Security & Risk Analysis

wordpress.org/plugins/get-a-quote-button-for-woocommerce

Request a Quote for WooCommerce and Elementor plugin shows a Contact Form 7 or WPForms popup on button click. Quote for WooCommerce, price on request.

6K active installs v1.7.1 PHP 7.4+ WP 6.6+ Updated Mar 13, 2026

quoterequest-a-quoterequest-a-quote-buttonwoocommerce-contact-form-7woocommerce-request-for-quote

A · Safe

CVEs total1

Unpatched0

Last CVENov 22, 2024

Plugin page Download

Safety Verdict

Is Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Safe to Use in 2026?

Generally Safe

Score 98/100

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation has a strong security track record. Known vulnerabilities have been patched promptly.

1 known CVELast CVE: Nov 22, 2024Updated 21d ago

Risk Assessment

The 'get-a-quote-button-for-woocommerce' plugin version 1.7.1 presents a mixed security posture. While it demonstrates good practices by utilizing prepared statements for all SQL queries and properly escaping a high percentage of its outputs, there are significant areas of concern. The static analysis revealed two taint flows with unsanitized paths, both classified as high severity. This indicates a potential for sensitive data to be processed or exposed without adequate cleaning, which could lead to vulnerabilities.

The plugin's vulnerability history shows one previously disclosed high-severity vulnerability related to code injection. The fact that this vulnerability is currently patched is positive, but the historical pattern of code injection vulnerabilities, coupled with the current high-severity taint flows, suggests a recurring risk. The absence of nonce checks and capability checks on its entry points is a notable weakness, as it leaves the plugin susceptible to certain types of attacks if the taint flows were exploitable.

In conclusion, while the plugin has strengths in its SQL handling and output escaping, the presence of high-severity unsanitized taint flows and a history of code injection vulnerabilities warrant careful consideration. The lack of explicit authentication and authorization checks on its entry points exacerbates these risks. Continued vigilance and thorough auditing are recommended.

Key Concerns

High severity taint flow with unsanitized path
High severity taint flow with unsanitized path
Missing nonce checks on AJAX handlers
Missing capability checks on entry points
Past high severity vulnerability (Code Injection)

Vulnerabilities

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Security Vulnerabilities

CVEs by Year

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

High

1 total CVE

CVE-2024-11034high · 7.3Improper Control of Generation of Code ('Code Injection')

Request a Quote for WooCommerce and Elementor – Get a Quote Button – Product Enquiry Form Popup – Product Quotation <= 1.4 - Unauthenticated Arbitrary Shortcode Execution via fire_contact_form

Nov 22, 2024 Patched in 1.5 (1d)

Code Analysis

Analyzed Mar 16, 2026

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

95 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

94% escaped101 total outputs

Data Flows

2 unsanitized

Data Flow Analysis

2 flows2 with unsanitized paths

fire_contact_form (includes\class-ajax.php:34)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Attack Surface

Entry Points4

Unprotected0

AJAX Handlers 2

authwp_ajax_fire_contact_formincludes\class-ajax.php:21

noprivwp_ajax_fire_contact_formincludes\class-ajax.php:22

Shortcodes 2

[wpb-quote-button] includes\class-shortcode.php:12

[wpb-quote-button-hook] includes\class-shortcode.php:13

WordPress Hooks 24

actionadmin_initincludes\admin\class.settings-config.php:14

actionadmin_menuincludes\admin\class.settings-config.php:15

actionadmin_menuincludes\admin\class.settings-config.php:16

actionadmin_enqueue_scriptsincludes\admin\class.settings-config.php:17

filterwpforms_current_user_canincludes\class-ajax.php:45

filterwpforms_global_assetsincludes\class-shortcode.php:80

actionwpb_gqb_custom_wc_hookincludes\class-woocommerce.php:40

actionwoocommerce_product_options_general_product_dataincludes\class-woocommerce.php:42

actionwoocommerce_process_product_metaincludes\class-woocommerce.php:43

actioninitincludes\functions.php:55

filterwpcf7_form_class_attrincludes\functions.php:56

actionwpcf7_initincludes\functions.php:71

actionwpb_gqb_after_settings_pageincludes\functions.php:101

actionadmin_noticesmain.php:45

actionafter_setup_thememain.php:78

actionactivated_pluginmain.php:79

actioninitmain.php:95

actionwp_enqueue_scriptsmain.php:98

actionadmin_noticesmain.php:100

actionadmin_noticesmain.php:102

actionadmin_initmain.php:104

filterwpcf7_load_jsmain.php:107

filterwpcf7_load_cssmain.php:108

actionwp_footermain.php:110

Maintenance & Trust

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 13, 2026

PHP min version7.4

Downloads122K

Community Trust

Rating100/100

Number of ratings22

Active installs6K

Alternatives

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Alternatives

YITH Request a Quote for WooCommerce

yith-woocommerce-request-a-quote

The YITH Request a Quote for WooCommerce plugin lets your customers ask for an estimate of a list of products they are interested into.

10K 3 CVEs

Appsila WooQuote

appsila-wooquote

Appsila WooQuote is a plugin that enables your customers send quote requests from your woocommerce shop which will then be tracked in a full functiona …

0 No CVEs

PSM Request a Quote for WooCommerce

psm-request-a-quote

100

Allow customers to request a quote for WooCommerce products with ease.

0 No CVEs

ELEX WooCommerce Request a Quote

elex-request-a-quote

ELEX Request a Quote plugin allows your customers to add products to a quote list, fill out a form, and request a custom price.

2K 1 unpatched

B2B Request a Quote

woo-add-to-quote

100

Add B2B quote requests to WooCommerce. Let your customers request, manage, and negotiate quotes comfortably to boost B2B sales on your WordPress site.

80 No CVEs

Developer Profile

Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation Developer Profile

WPBean

25 plugins · 40K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

20 days

View full developer profile

Detection Fingerprints

How We Detect Request a Quote for WooCommerce – Get a Quote Button – Product Enquiry Form Popup – Product Quotation

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/get-a-quote-button-for-woocommerce/assets/css/frontend.css/wp-content/plugins/get-a-quote-button-for-woocommerce/assets/js/frontend.js

Script Paths

/wp-content/plugins/get-a-quote-button-for-woocommerce/assets/js/frontend.js

Version Parameters

get-a-quote-button-for-woocommerce/assets/css/frontend.css?ver=get-a-quote-button-for-woocommerce/assets/js/frontend.js?ver=

HTML / DOM Fingerprints

CSS Classes

wpb-gqb-discount-notice

HTML Comments

+21 more

Data Attributes

wpb_gqb_hidden_cf7

JS Globals

wpb_gqb_get_option

Shortcode Output

[contact-form-7 id=

FAQ