WP-Safety

Quote Requests for WooCommerce Security & Risk Analysis

wordpress.org/plugins/quote-requests-for-woocommerce

A WooCommerce extension for allowing customers to submit quote requests to get customized prices before placing their orders.

10 active installs v1.0.4 PHP 7.4+ WP 5.6+ Updated Jun 8, 2022
bidsestimatesproposalsquoteswoocommerce
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Quote Requests for WooCommerce Safe to Use in 2026?

Generally Safe

Score 85/100

Quote Requests for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3yr ago
Risk Assessment

Based on the provided static analysis and vulnerability history, the "quote-requests-for-woocommerce" plugin version 1.0.4 exhibits a generally strong security posture. The absence of any identified CVEs or known vulnerabilities is a significant positive indicator. Furthermore, the plugin demonstrates good practices in its handling of SQL queries, exclusively using prepared statements, and a high percentage of output escaping (82%), which mitigates common cross-site scripting (XSS) risks. The lack of critical or high-severity taint flows also suggests robust data handling mechanisms.

However, there are areas that warrant attention. The presence of a single nonce check, while better than none, is low for a plugin that likely interacts with user actions. More critically, the complete absence of capability checks and the lack of any explicit authentication or permission checks on the 0 identified entry points (AJAX, REST API, shortcodes, cron events) is a significant concern. While the attack surface is currently reported as zero, this could change with future updates or if developers introduce new features without proper security considerations. The bundled Freemius library, although not explicitly flagged as outdated, is a potential point of concern as bundled libraries can become vulnerabilities if not actively maintained and updated.

In conclusion, the plugin's current state, with no known vulnerabilities and good SQL/output handling, is positive. However, the lack of comprehensive capability checks and the single nonce check leave room for improvement in protecting against potential privilege escalation or unauthorized actions, especially if the attack surface expands. Developers should prioritize implementing robust authorization checks for any new or existing entry points.

Key Concerns

  • No capability checks found
  • Only 1 nonce check found
  • Bundled Freemius v1.0 library
Vulnerabilities
None known

Quote Requests for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Quote Requests for WooCommerce Release Timeline

v1.0.4Current
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Quote Requests for WooCommerce Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
6 prepared
Unescaped Output
51
233 escaped
Nonce Checks
1
Capability Checks
0
File Operations
6
External Requests
0
Bundled Libraries
2

Bundled Libraries

Freemius1.0jQuery

SQL Query Safety

100% prepared6 total queries

Output Escaping

82% escaped284 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<form-tracking> (src\templates\quote\form-tracking.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Quote Requests for WooCommerce Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 119
filterplugin_row_metadependencies\deep-web-solutions\wp-framework-core\src\includes\AbstractPluginFunctionalityRoot.php:169
actionadmin_footerdependencies\deep-web-solutions\wp-framework-core\src\includes\Functionalities\InstallationFunctionality.php:75
actioninitdependencies\deep-web-solutions\wp-framework-core\src\includes\Functionalities\InternationalizationFunctionality.php:42
actionadmin_noticesdependencies\deep-web-solutions\wp-framework-utilities\src\includes\AdminNotices\AdminNoticesService.php:88
actionadmin_footerdependencies\deep-web-solutions\wp-framework-utilities\src\includes\AdminNotices\Handlers\DismissibleNoticesHandler.php:53
actioninitdependencies\deep-web-solutions\wp-framework-utilities\src\includes\Shortcodes\ShortcodesService.php:63
filterdefault_post_metadatadependencies\deep-web-solutions\wp-framework-woocommerce\src\includes\Settings\Functionalities\WC_AbstractValidatedProductSettingsGroupFunctionality.php:60
filterwoocommerce_data_store_wp_post_read_metadependencies\deep-web-solutions\wp-framework-woocommerce\src\includes\Settings\Functionalities\WC_AbstractValidatedProductSettingsGroupFunctionality.php:61
filterwoocommerce_product_data_tabsdependencies\deep-web-solutions\wp-framework-woocommerce\src\includes\Settings\Functionalities\WC_AbstractValidatedProductSettingsTabFunctionality.php:35
actionwoocommerce_product_data_panelsdependencies\deep-web-solutions\wp-framework-woocommerce\src\includes\Settings\Functionalities\WC_AbstractValidatedProductSettingsTabFunctionality.php:36
actionwoocommerce_process_product_metadependencies\deep-web-solutions\wp-framework-woocommerce\src\includes\Settings\Functionalities\WC_AbstractValidatedProductSettingsTabFunctionality.php:37
filterafter_skip_urlfreemius.php:57
filterafter_connect_urlfreemius.php:58
filterafter_pending_connect_urlfreemius.php:59
actionfs_after_uninstall_quote-requests-for-woocommercefunctions.php:128
actionadmin_noticesquote-requests-for-woocommerce.php:46
actionplugins_loadedquote-requests-for-woocommerce.php:75
actionwoocommerce_order_status_quote-request_to_quote-cancelled_notificationsrc\emails\DWS_Email_Cancelled_Quote_Request.php:42
actionwoocommerce_order_status_pending_to_quote-request_notificationsrc\emails\DWS_Email_Customer_Processing_Quote_Request.php:48
actionwoocommerce_order_status_quote-request_to_quote-waiting_notificationsrc\emails\DWS_Email_Customer_Waiting_Quote_Request.php:42
actionwoocommerce_order_status_quote-rejected_to_quote-waiting_notificationsrc\emails\DWS_Email_Customer_Waiting_Quote_Request.php:43
actionwoocommerce_order_status_pending_to_quote-request_notificationsrc\emails\DWS_Email_New_Quote_Request.php:42
actionwoocommerce_order_status_quote-waiting_to_quote-rejected_notificationsrc\emails\DWS_Email_Rejected_Quote.php:40
filterthe_titlesrc\includes\Account\AbstractEndpoint.php:52
actionwp_loadedsrc\includes\Account\Actions.php:39
actionwp_loadedsrc\includes\Account\Actions.php:40
actionwp_loadedsrc\includes\Account\Actions.php:41
filterwoocommerce_account_menu_itemssrc\includes\Account\Endpoints\QuotesList.php:44
filterwoocommerce_get_settings_advancedsrc\includes\Account\Endpoints.php:45
filterwoocommerce_get_query_varssrc\includes\Account\Endpoints.php:46
filterwoocommerce_email_classessrc\includes\Emails.php:35
filterwoocommerce_email_actionssrc\includes\Emails.php:36
filterwoocommerce_template_directorysrc\includes\Emails.php:37
actionwoocommerce_email_order_detailssrc\includes\Emails.php:39
filtergettext_woocommercesrc\includes\Emails.php:40
actionwoocommerce_email_customer_detailssrc\includes\Emails.php:41
filteruser_has_capsrc\includes\Permissions.php:45
actionadmin_print_scripts-post.phpsrc\includes\ProductSettings.php:48
actionadmin_print_scripts-post-new.phpsrc\includes\ProductSettings.php:49
actionwoocommerce_process_product_metasrc\includes\ProductSettings.php:50
filterwoocommerce_order_actionssrc\includes\Quotes\Actions.php:41
filterwoocommerce_admin_order_actionssrc\includes\Quotes\Actions.php:42
actionwoocommerce_order_action_send_quote_detailssrc\includes\Quotes\Actions.php:44
actionwoocommerce_order_action_send_quote_details_adminsrc\includes\Quotes\Actions.php:45
actionwoocommerce_order_action_accept_quotesrc\includes\Quotes\Actions.php:46
actionwoocommerce_order_action_reject_quotesrc\includes\Quotes\Actions.php:47
actioncurrent_screensrc\includes\Quotes\PostType\ListTable.php:39
actioncheck_ajax_referersrc\includes\Quotes\PostType\ListTable.php:40
actionadmin_print_styles-edit.phpsrc\includes\Quotes\PostType\ListTable.php:41
filterwoocommerce_admin_order_preview_get_order_detailssrc\includes\Quotes\PostType\ListTable.php:43
actionadmin_enqueue_scriptssrc\includes\Quotes\PostType\MetaBoxes.php:37
actionadd_meta_boxessrc\includes\Quotes\PostType\MetaBoxes.php:38
actionwoocommerce_process_shop_order_metasrc\includes\Quotes\PostType\MetaBoxes.php:39
actionadd_meta_boxessrc\includes\Quotes\PostType\MetaBoxes.php:41
actionwoocommerce_process_shop_order_metasrc\includes\Quotes\PostType\MetaBoxes.php:42
filteris_woocommercesrc\includes\Quotes\Tracking.php:41
actionwoocommerce_after_register_post_typesrc\includes\Quotes.php:53
filterwoocommerce_data_storessrc\includes\Quotes.php:59
filterwoocommerce_register_shop_order_post_statusessrc\includes\Quotes.php:60
filterwoocommerce_payment_complete_reduce_order_stocksrc\includes\Quotes.php:61
filterwoocommerce_payment_complete_order_statussrc\includes\Quotes.php:68
filterwoocommerce_new_order_note_datasrc\includes\Quotes.php:75
filtergettext_woocommercesrc\includes\Quotes.php:82
actionwp_enqueue_scriptssrc\includes\RequestLists\AddToListButton.php:34
actionwoocommerce_simple_add_to_cartsrc\includes\RequestLists\AddToListButton.php:35
actionwoocommerce_after_add_to_cart_buttonsrc\includes\RequestLists\AddToListButton.php:42
filterwoocommerce_loop_add_to_cart_linksrc\includes\RequestLists\AddToListButton.php:43
filterwoocommerce_pre_remove_cart_item_from_sessionsrc\includes\RequestLists\CartList\AddToCartList.php:32
filterwoocommerce_add_to_cart_validationsrc\includes\RequestLists\CartList\AddToCartList.php:39
filterwoocommerce_add_to_cart_validationsrc\includes\RequestLists\CartList\AddToCartList.php:46
filterwoocommerce_add_cart_item_datasrc\includes\RequestLists\CartList\AddToCartList.php:53
actionwoocommerce_check_cart_itemssrc\includes\RequestLists\CartList\AddToCartList.php:60
filterngettext_woocommercesrc\includes\RequestLists\CartList\AddToCartList.php:67
filterthe_titlesrc\includes\RequestLists\CartList\CheckoutCartList.php:35
filtergettext_woocommercesrc\includes\RequestLists\CartList\CheckoutCartList.php:36
filterwoocommerce_cart_needs_paymentsrc\includes\RequestLists\CartList\CheckoutCartList.php:38
filterwoocommerce_cart_needs_shipping_addresssrc\includes\RequestLists\CartList\CheckoutCartList.php:39
filterwoocommerce_new_order_datasrc\includes\RequestLists\CartList\CheckoutCartList.php:41
filterwoocommerce_widget_cart_item_quantitysrc\includes\RequestLists\CartList\HideItemPricesCartList.php:48
actionwoocommerce_widget_shopping_cart_totalsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:49
actionwoocommerce_widget_shopping_cart_totalsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:50
filterwoocommerce_cart_item_pricesrc\includes\RequestLists\CartList\HideItemPricesCartList.php:52
filterwoocommerce_cart_item_subtotalsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:53
filterwoocommerce_cart_subtotalsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:55
filterwoocommerce_cart_totals_fee_htmlsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:56
filterwoocommerce_cart_totals_taxes_total_htmlsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:57
filterwoocommerce_cart_totals_order_total_htmlsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:58
actionwoocommerce_before_cartsrc\includes\RequestLists\CartList\HideItemPricesCartList.php:60
filterwoocommerce_cart_item_pricesrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:50
filterwoocommerce_cart_item_subtotalsrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:51
filterwoocommerce_cart_subtotalsrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:53
filterwoocommerce_cart_totals_fee_htmlsrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:54
filterwoocommerce_cart_totals_taxes_total_htmlsrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:55
filterwoocommerce_cart_totals_order_total_htmlsrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:56
actionwoocommerce_after_cart_totalssrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:58
actionwoocommerce_review_order_after_paymentsrc\includes\RequestLists\CartList\PriceDisclaimerCartList.php:59
filterthe_titlesrc\includes\RequestLists\CartList.php:56
filtergettext_woocommercesrc\includes\RequestLists\CartList.php:63
filterwoocommerce_coupons_enabledsrc\includes\RequestLists\CartList.php:70
filterwoocommerce_cart_ready_to_calc_shippingsrc\includes\RequestLists\CartList.php:76
filterpre_option_woocommerce_enable_shipping_calcsrc\includes\RequestLists\CartList.php:82
actionwoocommerce_cart_collateralssrc\includes\RequestLists\CartList.php:88
actionwoocommerce_new_order_itemsrc\includes\Requests\HideProductsPrices.php:36
filterwoocommerce_hidden_order_itemmetasrc\includes\Requests\HideProductsPrices.php:37
actionwoocommerce_before_shop_loop_item_titlesrc\includes\Requests\HideProductsPrices.php:40
actionwoocommerce_before_single_product_summarysrc\includes\Requests\HideProductsPrices.php:41
filterwoocommerce_get_price_htmlsrc\includes\Requests\HideProductsPrices.php:43
filterwoocommerce_variable_price_htmlsrc\includes\Requests\HideProductsPrices.php:44
filterwoocommerce_variable_sale_price_htmlsrc\includes\Requests\HideProductsPrices.php:45
filterwoocommerce_order_formatted_line_subtotalsrc\includes\Requests\HideProductsPrices.php:47
filterwoocommerce_get_order_item_totalssrc\includes\Requests\HideProductsPrices.php:48
filterwoocommerce_get_formatted_order_totalsrc\includes\Requests\HideProductsPrices.php:49
filterwoocommerce_order_formatted_line_subtotalsrc\includes\Requests\PriceDisclaimer.php:48
filterwoocommerce_get_order_item_totalssrc\includes\Requests\PriceDisclaimer.php:49
filterwoocommerce_get_formatted_order_totalsrc\includes\Requests\PriceDisclaimer.php:50
actionwoocommerce_email_after_order_tablesrc\includes\Requests\PriceDisclaimer.php:52
filterwoocommerce_admin_settings_sanitize_optionsrc\includes\Settings\RequestListMessagesSettings.php:30
filterwoocommerce_admin_settings_sanitize_optionsrc\includes\Settings\RequestMessagesSettings.php:29
actionwoocommerce_settings_savedsrc\includes\Settings.php:81
Maintenance & Trust

Quote Requests for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested6.0.11
Last updatedJun 8, 2022
PHP min version7.4
Downloads3K

Community Trust

Rating100/100
Number of ratings1
Active installs10
Alternatives

Quote Requests for WooCommerce Alternatives

Quotes for WooCommerce

Quotes for WooCommerce

quotes-for-woocommerce

A
99

This plugin allows the site admin the ability to accept quote requests for products. Prices can be hidden. No payments will be taken at Checkout.

4K 2 CVEs
Invoice Gateway for WooCommerce – Invoice Payment Gateway

Invoice Gateway for WooCommerce – Invoice Payment Gateway

invoice-gateway-for-woocommerce

A
100

Add a WooCommerce invoice gateway to your store. An easy invoicing payment gateway solution for WooCommerce.

2K No CVEs
Ultimate Auction for WooCommerce – Excellent WP Auction Plugin

Ultimate Auction for WooCommerce – Excellent WP Auction Plugin

ultimate-woocommerce-auction

A
100

Ultimate Auction is an excellent WP Auction plugin to auction your Art, Vehicle, Painting, Collectibles, Stamp, Real Estate, Car, KOI, Horse etc.

2K No CVEs
Quotes Addon for GetPaid

Quotes Addon for GetPaid

invoicing-quotes

A
100

Quotes add-on for the WordPress payments plugin GetPaid. Allows you to create quotes, send them to clients and convert them to Invoices when accepted &hellip;

700 No CVEs
Ship Discounts

Ship Discounts

ship-discounts

A
100

Offer your customers shipping services with real-time quotes. Need a livraisonsarabais.com / shipdiscounts.ca account

90 No CVEs
Developer Profile

Quote Requests for WooCommerce Developer Profile

Deep Web Solutions

3 plugins · 50 total installs

84
trust score
Avg Security Score
85/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Quote Requests for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/css/bootstrap-grid.min.css/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/css/bootstrap-reboot.min.css/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/css/bootstrap.min.css/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/css/custom.css/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/js/bootstrap.bundle.min.js/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/js/custom.js/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-core/assets/css/custom.css/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-core/assets/js/custom.js+6 more
Script Paths
/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/js/bootstrap.bundle.min.js/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-bootstrapper/assets/js/custom.js/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-core/assets/js/custom.js/wp-content/plugins/quote-requests-for-woocommerce/dependencies/deep-web-solutions/wp-framework-foundations/assets/js/custom.js/wp-content/plugins/quote-requests-for-woocommerce/assets/js/quote-requests-for-woocommerce.js/wp-content/plugins/quote-requests-for-woocommerce/assets/js/frontend.js+1 more
Version Parameters
/wp-content/plugins/quote-requests-for-woocommerce/assets/css/style.css?ver=/wp-content/plugins/quote-requests-for-woocommerce/assets/js/quote-requests-for-woocommerce.js?ver=/wp-content/plugins/quote-requests-for-woocommerce/assets/js/frontend.js?ver=/wp-content/plugins/quote-requests-for-woocommerce/assets/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes
dws-qrwc-quote-request-form
Data Attributes
data-dws-qrwc-action
JS Globals
DWS_QRWC_FrontendDWS_QRWC_Admin
REST Endpoints
/wp-json/dws-qrwc/v1/quote-request
Shortcode Output
[quote_request_form][quote_request_form]
FAQ

Frequently Asked Questions about Quote Requests for WooCommerce