Quote Wizard Security & Risk Analysis

wordpress.org/plugins/quote-wizard

A WordPress plugin for managing customer quotes and approvals.

0 active installs · v1.0.1 · PHP 7.4+ · WP 6.0+ · Updated: Unknown
Tags: customer-approval, quotes, wizard
Score: 100 (A · Safe)
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Quote Wizard Safe to Use in 2026?

Generally Safe

Score 100/100

Quote Wizard has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs
Risk Assessment

The "quote-wizard" plugin v1.0.1 shows a generally strong security posture. Static analysis found prepared statements used for 94% of SQL queries and proper output escaping on 89% of outputs, along with a significant number of nonce and capability checks. The absence of file operations and external HTTP requests further reduces potential attack vectors.

However, the taint analysis found six flows with unsanitized paths, five of them high severity and none critical. These flows indicate a significant risk of data being processed without adequate validation, potentially leading to exploits like cross-site scripting (XSS) or path traversal, especially if the flows interact with user-supplied input.

The vulnerability history is clean, with no recorded CVEs, which is positive but does not negate the risks identified in the code itself. Overall, while the plugin demonstrates good fundamental security hygiene, the high-severity unsanitized paths are a critical weakness that needs immediate remediation.

Key Concerns

  • High severity unsanitized paths
  • Unsanitized paths found in taint analysis
Vulnerabilities
None known

Quote Wizard Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Quote Wizard Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 3 (48 prepared)
Unescaped Output: 39 (315 escaped)
Nonce Checks: 19
Capability Checks: 4
File Operations: 0
External Requests: 0
Bundled Libraries: 0

SQL Query Safety

94% prepared · 51 total queries

Output Escaping

89% escaped · 354 total outputs
Data Flows
6 unsanitized

Data Flow Analysis

11 flows · 6 with unsanitized paths
wdsqw_email_render (includes\email.php:9)
Attack Surface

Quote Wizard Attack Surface

Entry Points: 3
Unprotected: 0

REST API Routes: 1

POST /wp-json/wdsqw_api/v1/request-quote (api\api.php:13)

Shortcodes: 2

[wdsqw_form] (includes\shortcode.php:154)
[wdsqw_my_quotes] (includes\templates\my-quotes.php:242)

WordPress Hooks: 33

action rest_api_init (api\api.php:40)
action wp_enqueue_scripts (includes\functions.php:21)
action admin_enqueue_scripts (includes\functions.php:31)
action woocommerce_product_meta_start (includes\functions.php:69)
filter woocommerce_is_purchasable (includes\functions.php:73)
action init (includes\functions.php:163)
filter woocommerce_account_menu_items (includes\functions.php:181)
action init (includes\functions.php:250)
filter query_vars (includes\functions.php:257)
action woocommerce_account_view-quote_endpoint (includes\functions.php:425)
action add_meta_boxes (includes\settings.php:16)
action save_post_product (includes\settings.php:125)
action admin_notices (includes\settings.php:127)
action wp_enqueue_scripts (includes\shortcode.php:253)
filter query_vars (includes\templates\my-quotes.php:254)
filter woocommerce_account_menu_items (includes\templates\my-quotes.php:260)
action woocommerce_account_my-quotes_endpoint (includes\templates\my-quotes.php:265)
action admin_enqueue_scripts (includes\templates\quote-details.php:355)
action admin_menu (includes\templates\quote-details.php:368)
filter wdsqw_quote_details_url (includes\templates\quote-details.php:374)
action admin_notices (quote-wizard.php:34)
action plugins_loaded (quote-wizard.php:220)
action admin_menu (quote-wizard.php:248)
action wp_enqueue_scripts (quote-wizard.php:347)
action init (quote-wizard.php:350)
filter woocommerce_is_purchasable (quote-wizard.php:354)
filter woocommerce_product_is_in_stock (quote-wizard.php:355)
filter woocommerce_product_get_price (quote-wizard.php:356)
filter woocommerce_get_price (quote-wizard.php:357)
filter woocommerce_cart_item_remove_link (quote-wizard.php:360)
filter woocommerce_cart_item_quantity (quote-wizard.php:361)
filter woocommerce_add_to_cart_validation (quote-wizard.php:362)
filter woocommerce_get_cart_item_from_session (quote-wizard.php:368)

Maintenance & Trust

Quote Wizard Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Unknown
PHP min version: 7.4
Downloads: 267

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 0

Developer Profile

Quote Wizard Developer Profile

WebDesk Solution

2 plugins · 0 total installs

Trust score: 94
Avg Security Score: 100/100
Avg Patch Time: 30 days

Detection Fingerprints

How We Detect Quote Wizard

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

HTML / DOM Fingerprints

CSS Classes: wdsqw-quote-form
Shortcode Output: [quote_wizard_form]