Does Request a Quote for WooCommerce have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Request a Quote for WooCommerce compatible with WordPress 6.9.4?

According to WordPress.org data, Request a Quote for WooCommerce 1.0.0 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Request a Quote for WooCommerce compatible with PHP 7.4+?

Request a Quote for WooCommerce requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Request a Quote for WooCommerce updated?

Request a Quote for WooCommerce was last updated on Apr 7, 2026. Frequent updates are generally a positive security signal.

What is Request a Quote for WooCommerce's security score?

Request a Quote for WooCommerce has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Request a Quote for WooCommerce Security & Risk Analysis

wordpress.org/plugins/psm-request-a-quote

The best WooCommerce request a quote plugin to hide prices, add a "Request for Quote" button, and manage B2B quotations directly from your dashboard.

0 active installs v1.0.0 PHP 7.4+ WP 5.8+ Updated Apr 7, 2026

b2b-woocommercehide-pricesquote-for-woocommercerequest-a-quotewoocommerce-request-a-quote

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Request a Quote for WooCommerce Safe to Use in 2026?

Generally Safe

Score 100/100

Request a Quote for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1mo ago

Risk Assessment

The "psm-request-a-quote" v1.0.0 plugin exhibits a mixed security posture. On the positive side, the plugin demonstrates strong adherence to secure coding practices by avoiding dangerous functions, utilizing prepared statements for all SQL queries, and ensuring 100% proper output escaping. Furthermore, there is no recorded history of vulnerabilities, which is a significant strength. However, a notable concern arises from the substantial attack surface, with 17 out of 41 total entry points lacking authentication or permission checks. This includes a significant number of unprotected REST API routes. While taint analysis did not reveal any immediate vulnerabilities, the presence of numerous unprotected entry points creates a fertile ground for potential exploitation if specific logical flaws are discovered in the future. The lack of documented vulnerabilities is encouraging but does not entirely mitigate the risks presented by the exposed entry points.

In conclusion, the plugin has a solid foundation in secure coding principles, particularly regarding SQL and output handling. The absence of known vulnerabilities is a strong indicator of developer diligence or fortunate circumstances. Nevertheless, the significant number of unprotected entry points, especially within the REST API, represents a considerable risk that could be exploited through other means. Addressing these exposed entry points should be a priority to improve the plugin's overall security, even in the absence of immediate exploitable flaws.

Key Concerns

REST API routes without permission callbacks
AJAX handlers without auth checks

Vulnerabilities

None known

Request a Quote for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Request a Quote for WooCommerce Release Timeline

v1.0.0Current

Code Analysis

Analyzed Mar 17, 2026

Request a Quote for WooCommerce Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

308 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped309 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

1 flows

<Textarea> (includes\Controllers\FormFields\Textarea.php:0)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

17 unprotected

Request a Quote for WooCommerce Attack Surface

Entry Points41

Unprotected17

AJAX Handlers 14

authwp_ajax_psmraq_add_to_quoteincludes\Ajax\AddToQuote.php:24

noprivwp_ajax_psmraq_add_to_quoteincludes\Ajax\AddToQuote.php:25

authwp_ajax_psmraq_remove_from_quoteincludes\Ajax\AddToQuote.php:28

noprivwp_ajax_psmraq_remove_from_quoteincludes\Ajax\AddToQuote.php:29

authwp_ajax_psmraq_update_quoteincludes\Ajax\AddToQuote.php:32

noprivwp_ajax_psmraq_update_quoteincludes\Ajax\AddToQuote.php:33

authwp_ajax_psmraq_clear_quote_listincludes\Ajax\AddToQuote.php:36

noprivwp_ajax_psmraq_clear_quote_listincludes\Ajax\AddToQuote.php:37

authwp_ajax_psmraq_get_quote_listincludes\Ajax\AddToQuote.php:40

noprivwp_ajax_psmraq_get_quote_listincludes\Ajax\AddToQuote.php:41

authwp_ajax_psmraq_add_new_quote_requestincludes\Ajax\QuoteRequest.php:23

noprivwp_ajax_psmraq_add_new_quote_requestincludes\Ajax\QuoteRequest.php:24

authwp_ajax_psmraq_request_quoteincludes\Ajax\RequestAQuote.php:22

noprivwp_ajax_psmraq_request_quoteincludes\Ajax\RequestAQuote.php:23

REST API Routes 26

GET/wp-json/psmfr/v1/pagesframework\includes\rest-api\class-psmfr-rest-pages.php:23

GET/wp-json/psmfr/v1/settingsframework\includes\rest-api\class-psmfr-rest-settings.php:23

POST/wp-json/psmfr/v1/settings/resetframework\includes\rest-api\class-psmfr-rest-settings.php:76

GET/wp-json/psmfr/v1/timezonesframework\includes\rest-api\class-psmfr-rest-timezones.php:24

GET/wp-json/psmfr/v1/user-rolesframework\includes\rest-api\class-psmfr-rest-user-roles.php:27

GET/wp-json/psmfr/v1/woo-countriesframework\includes\rest-api\class-psmfr-rest-woo-countries.php:24

GET/wp-json/psmfr/v1/woo-statesframework\includes\rest-api\class-psmfr-rest-woo-countries.php:35

GET/wp-json/psmraq/v1/my-quotesincludes\RestAPIs\Quote\MyQuotes.php:30

GET/wp-json/psmraq/v1/my-quotes/(?P<order_id>\d+)includes\RestAPIs\Quote\MyQuotes.php:48

POST/wp-json/psmraq/v1/my-quotes/(?P<order_id>\d+)/rejectincludes\RestAPIs\Quote\MyQuotes.php:63

POST/wp-json/psmraq/v1/quote/(?P<order_id>\d+)/upload-filesincludes\RestAPIs\Quote\Quote.php:29

GET/wp-json/psmraq/v1/quote-options/(?P<order_id>\d+)includes\RestAPIs\Quote\QuoteOptions.php:34

POST/wp-json/psmraq/v1/quote-options/(?P<order_id>\d+)/send-test-emailincludes\RestAPIs\Quote\QuoteOptions.php:61

POST/wp-json/psmraq/v1/quote-options/(?P<order_id>\d+)/send-quoteincludes\RestAPIs\Quote\QuoteOptions.php:80

GET/wp-json/psmraq/v1/quote-request/(?P<order_id>\d+)includes\RestAPIs\Quote\QuoteRequest.php:33

GET/wp-json/psmraq/v1/settings/appearanceincludes\RestAPIs\Settings\Appearance.php:35

GET/wp-json/psmraq/v1/settings/appearance/defaultsincludes\RestAPIs\Settings\Appearance.php:62

GET/wp-json/psmraq/v1/settings/form-fieldsincludes\RestAPIs\Settings\Form.php:39

GET/wp-json/psmraq/v1/settings/form-fields/(?P<name>[a-zA-Z0-9]+)includes\RestAPIs\Settings\Form.php:51

POST/wp-json/psmraq/v1/settings/form-fields/reorderincludes\RestAPIs\Settings\Form.php:68

GET/wp-json/psmraq/v1/settings/generalincludes\RestAPIs\Settings\General.php:36

GET/wp-json/psmraq/v1/settings/general/defaultsincludes\RestAPIs\Settings\General.php:62

GET/wp-json/psmraq/v1/settings/page-settingsincludes\RestAPIs\Settings\Page.php:36

GET/wp-json/psmraq/v1/settings/page-settings/defaultsincludes\RestAPIs\Settings\Page.php:157

GET/wp-json/psmraq/v1/settings/quoteincludes\RestAPIs\Settings\Quote.php:33

GET/wp-json/psmraq/v1/settings/quote/defaultsincludes\RestAPIs\Settings\Quote.php:55

Shortcodes 1

[psmraq] includes\Frontend\Shortcode.php:119

WordPress Hooks 79

actionadmin_menuframework\includes\class-psmfr-admin.php:19

actionadmin_enqueue_scriptsframework\includes\class-psmfr-admin.php:22

actionadmin_enqueue_scriptsframework\includes\class-psmfr-admin.php:25

filteradmin_body_classframework\includes\class-psmfr-admin.php:110

actionwp_enqueue_scriptsframework\includes\class-psmfr-frontend.php:19

actionwp_enqueue_scriptsframework\includes\class-psmfr-frontend.php:22

actioninitframework\includes\class-psmfr-installation.php:44

actioninitframework\includes\class-psmfr-installation.php:46

actionrest_api_initframework\includes\rest-api\class-psmfr-rest-pages.php:14

actionrest_api_initframework\includes\rest-api\class-psmfr-rest-settings.php:14

actionrest_api_initframework\includes\rest-api\class-psmfr-rest-timezones.php:14

actionrest_api_initframework\includes\rest-api\class-psmfr-rest-user-roles.php:14

actionrest_api_initframework\includes\rest-api\class-psmfr-rest-woo-countries.php:14

filterpsmfr_js_objectincludes\Admin\Actions.php:21

actionadd_meta_boxesincludes\Admin\Order.php:36

actionadmin_enqueue_scriptsincludes\Admin\Order.php:37

filterpsmplugins_admin_submenusincludes\Admin\SettingsPage.php:22

actionadmin_enqueue_scriptsincludes\Admin\SettingsPage.php:25

filteradmin_body_classincludes\Admin\SettingsPage.php:64

actionwoocommerce_order_status_changedincludes\Controllers\Cron\QuoteExpiry.php:22

actionpsmraq_quote_options_updatedincludes\Controllers\Cron\QuoteExpiry.php:23

actionpsmraq_send_quoteincludes\Controllers\Cron\QuoteExpiry.php:26

actionpsmraq_execute_quote_expiryincludes\Controllers\Cron\QuoteExpiry.php:29

filterwoocommerce_email_classesincludes\Controllers\Emails\AcceptQuoteRequest\Actions.php:19

actionpsmraq_quote_acceptedincludes\Controllers\Emails\AcceptQuoteRequest\Actions.php:22

filterwoocommerce_email_classesincludes\Controllers\Emails\NewQuoteRequest\Actions.php:19

actionpsmraq_new_quote_requestincludes\Controllers\Emails\NewQuoteRequest\Actions.php:22

filterwoocommerce_email_classesincludes\Controllers\Emails\NewQuoteRequestConfirmation\Actions.php:19

actionpsmraq_new_quote_requestincludes\Controllers\Emails\NewQuoteRequestConfirmation\Actions.php:22

filterwoocommerce_email_classesincludes\Controllers\Emails\QuoteExpired\Actions.php:21

actionpsmraq_quote_expiredincludes\Controllers\Emails\QuoteExpired\Actions.php:24

filterwoocommerce_email_classesincludes\Controllers\Emails\RejectQuoteRequest\Actions.php:21

actionpsmraq_quote_rejectedincludes\Controllers\Emails\RejectQuoteRequest\Actions.php:24

filterwoocommerce_email_classesincludes\Controllers\Emails\SendQuote\Actions.php:19

actionpsmraq_send_quote_test_emailincludes\Controllers\Emails\SendQuote\Actions.php:22

actionpsmraq_send_quoteincludes\Controllers\Emails\SendQuote\Actions.php:25

actionpsmraq_email_quote_request_summaryincludes\Controllers\Emails\TemplateParts.php:22

actionpsmraq_email_quote_summaryincludes\Controllers\Emails\TemplateParts.php:25

actionpsmraq_email_quote_action_linksincludes\Controllers\Emails\TemplateParts.php:28

actionpsmraq_email_customer_detailsincludes\Controllers\Emails\TemplateParts.php:31

actioninitincludes\Controllers\WooStatuses.php:20

filterwc_order_statusesincludes\Controllers\WooStatuses.php:23

filterwc_order_is_editableincludes\Controllers\WooStatuses.php:26

actionadmin_enqueue_scriptsincludes\Controllers\WooStatuses.php:29

actionpsmraq_send_quoteincludes\Controllers\WooStatuses.php:32

actionpsmraq_quote_rejectedincludes\Controllers\WooStatuses.php:35

actionpsmraq_quote_expiredincludes\Controllers\WooStatuses.php:38

filterpsmfr_js_objectincludes\Frontend\Actions.php:18

actionwp_enqueue_scriptsincludes\Frontend\AddToQuote.php:22

actionwoocommerce_before_single_productincludes\Frontend\AddToQuote.php:23

filterwoocommerce_loop_add_to_cart_linkincludes\Frontend\AddToQuote.php:26

filterwoocommerce_get_price_htmlincludes\Frontend\AddToQuote.php:31

actionwoocommerce_add_to_cartincludes\Frontend\AddToQuote.php:36

filterwc_add_to_cart_message_htmlincludes\Frontend\AddToQuote.php:37

actionwoocommerce_single_product_summaryincludes\Frontend\AddToQuote.php:228

actionwoocommerce_after_add_to_cart_buttonincludes\Frontend\AddToQuote.php:241

actionwoocommerce_after_add_to_cart_buttonincludes\Frontend\AddToQuote.php:250

actionwoocommerce_product_meta_startincludes\Frontend\AddToQuote.php:258

actioninitincludes\Frontend\MyQuotes.php:24

filterwoocommerce_get_query_varsincludes\Frontend\MyQuotes.php:27

filterwoocommerce_account_menu_itemsincludes\Frontend\MyQuotes.php:30

actionwp_enqueue_scriptsincludes\Frontend\MyQuotes.php:36

actionwoocommerce_after_register_post_typeincludes\Frontend\Shortcode.php:57

actioninitincludes\Frontend\Shortcode.php:58

actionwp_enqueue_scriptsincludes\Frontend\Shortcode.php:59

actioninitincludes\Installation\Autoloader.php:48

actioninitincludes\Installation\Autoloader.php:50

actionrest_api_initincludes\RestAPIs\Quote\MyQuotes.php:20

actionrest_api_initincludes\RestAPIs\Quote\Quote.php:18

actionrest_api_initincludes\RestAPIs\Quote\QuoteOptions.php:23

actionrest_api_initincludes\RestAPIs\Quote\QuoteRequest.php:22

actionrest_api_initincludes\RestAPIs\Settings\Appearance.php:18

actionrest_api_initincludes\RestAPIs\Settings\Form.php:21

actionrest_api_initincludes\RestAPIs\Settings\General.php:20

actionrest_api_initincludes\RestAPIs\Settings\Page.php:20

actionrest_api_initincludes\RestAPIs\Settings\Quote.php:17

actionplugins_loadedpsm-request-a-quote.php:43

filterplugin_row_metapsm-request-a-quote.php:45

filterafter_switch_themepsm-request-a-quote.php:46

Scheduled Events 1

psmraq_execute_quote_expiry

Maintenance & Trust

Request a Quote for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedApr 7, 2026

PHP min version7.4

Downloads267

Community Trust

Rating100/100

Number of ratings1

Active installs0

Alternatives

Request a Quote for WooCommerce Alternatives

YITH Request a Quote for WooCommerce

yith-woocommerce-request-a-quote

The YITH Request a Quote for WooCommerce plugin lets your customers ask for an estimate of a list of products they are interested into.

10K 3 CVEs

ELEX WooCommerce Request a Quote

elex-request-a-quote

ELEX Request a Quote plugin allows your customers to add products to a quote list, fill out a form, and request a custom price.

2K 1 unpatched

Request For Quote

wpheka-request-for-quote

Request For Quote plugin allows your customers to submit quotes for any product and negotiate with you for the best price.

10 1 CVE

Appsila WooQuote

appsila-wooquote

Appsila WooQuote is a plugin that enables your customers send quote requests from your woocommerce shop which will then be tracked in a full functiona …

0 No CVEs

Request a Quote Pro by Aavoya

request-a-quote-pro-by-aavoya

Request a Quote Pro by Aavoya WooCommerce plugin enables your customers query for an estimate of a list of products they are interested.

0 No CVEs

Developer Profile

Request a Quote for WooCommerce Developer Profile

PSM Plugins

3 plugins · 10K total installs

trust score

Avg Security Score

92/100

Avg Patch Time

394 days

View full developer profile

Detection Fingerprints

How We Detect Request a Quote for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/psm-request-a-quote/assets/css/psm-request-a-quote-frontend.css/wp-content/plugins/psm-request-a-quote/assets/css/psm-request-a-quote-admin.css/wp-content/plugins/psm-request-a-quote/assets/js/psm-request-a-quote-frontend.js/wp-content/plugins/psm-request-a-quote/assets/js/psm-request-a-quote-admin.js

Script Paths

/wp-content/plugins/psm-request-a-quote/assets/js/psm-request-a-quote-frontend.js/wp-content/plugins/psm-request-a-quote/assets/js/psm-request-a-quote-admin.js

Version Parameters

psm-request-a-quote/assets/css/psm-request-a-quote-frontend.css?ver=psm-request-a-quote/assets/css/psm-request-a-quote-admin.css?ver=psm-request-a-quote/assets/js/psm-request-a-quote-frontend.js?ver=psm-request-a-quote/assets/js/psm-request-a-quote-admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

psm-request-a-quote-button

Data Attributes

data-psm-quote-button

JS Globals

psm_request_a_quote_params

Shortcode Output

[psm_quote_button]

FAQ