Really Simple RfQ Form for WooCommerce Security & Risk Analysis

wordpress.org/plugins/really-simple-rfq-form-for-woocommerce

Removes the 'Add to cart' button from WooCommerce and adds a simple 'Request for quotation' form on all product pages.

10 active installs v1.0 PHP + WP 4.0+ Updated Jul 9, 2024
Tags: quotation, quote, request, wc, woocommerce
92
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is Really Simple RfQ Form for WooCommerce Safe to Use in 2026?

Generally Safe

Score 92/100

Really Simple RfQ Form for WooCommerce has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 1yr ago
Risk Assessment

The "really-simple-rfq-form-for-woocommerce" plugin version 1.0 presents a significant security risk due to its unprotected AJAX endpoints. It registers two AJAX handlers, neither of which has authentication checks, so any unauthenticated user can trigger these actions. This creates a large attack surface for potential exploits.

The code analysis reveals concerning practices regarding output escaping, with only 7% of outputs being properly escaped. This could lead to Cross-Site Scripting (XSS) vulnerabilities if user-supplied data is not sanitized before being displayed.

While there is no recorded vulnerability history or taint analysis findings, the lack of these does not negate the immediate risks identified in the static analysis. The absence of nonces and capability checks further exacerbates the security concerns related to the unprotected AJAX endpoints. The plugin's current security posture is weak, with immediate threats due to readily exploitable entry points, despite a clean historical record.

Key Concerns

  • Unprotected AJAX handlers
  • Low output escaping percentage
  • Missing nonce checks on AJAX
  • Missing capability checks
Vulnerabilities
None known

Really Simple RfQ Form for WooCommerce Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 17, 2026

Really Simple RfQ Form for WooCommerce Code Analysis

Dangerous Functions: 0
Raw SQL Queries: 0 (0 prepared)
Unescaped Output: 13 (1 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Output Escaping

7% escaped · 14 total outputs
Attack Surface
2 unprotected

Really Simple RfQ Form for WooCommerce Attack Surface

Entry Points: 2
Unprotected: 2

AJAX Handlers 2

  • nopriv: wp_ajax_denra_plugin_rsrfqfwc_form_submit (rsrfqfwc.php:19)
  • auth: wp_ajax_denra_plugin_rsrfqfwc_form_submit (rsrfqfwc.php:20)

WordPress Hooks 7

  • action: plugins_loaded (rsrfqfwc.php:14)
  • action: wp_enqueue_scripts (rsrfqfwc.php:17)
  • action: woocommerce_share (rsrfqfwc.php:18)
  • filter: denra_plugin_rsrfqfwc_default_qty (rsrfqfwc.php:21)
  • action: init (rsrfqfwc.php:22)
  • action: woocommerce_after_shop_loop_item (rsrfqfwc.php:136)
  • action: woocommerce_single_product_summary (rsrfqfwc.php:142)
Maintenance & Trust

Really Simple RfQ Form for WooCommerce Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.6.5
Last updated: Jul 9, 2024
PHP min version
Downloads: 5K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 10
Developer Profile

Really Simple RfQ Form for WooCommerce Developer Profile

Denra.com

3 plugins · 11K total installs

Trust score: 92
Avg Security Score: 97/100
Avg Patch Time: 10 days
Detection Fingerprints

How We Detect Really Simple RfQ Form for WooCommerce

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

  • /wp-content/plugins/really-simple-rfq-form-for-woocommerce/assets/js/rsrfqfwc.js
  • /wp-content/plugins/really-simple-rfq-form-for-woocommerce/assets/css/style.css

Script Paths

  • /wp-content/plugins/really-simple-rfq-form-for-woocommerce/assets/js/rsrfqfwc.js

Version Parameters

  • /wp-content/plugins/really-simple-rfq-form-for-woocommerce/assets/js/rsrfqfwc.js?ver=
  • /wp-content/plugins/really-simple-rfq-form-for-woocommerce/assets/css/style.css?ver=

HTML / DOM Fingerprints

CSS Classes

  • denra-plugin-rsrfqfwc
  • denra-plugin-rsrfqfwc-form
  • loading-spinner
  • rsrfqfwc_submit
  • rsrfqfwc_prd_qty
  • rsrfqfwc_name
  • rsrfqfwc_email
  • rsrfqfwc_phone
  • +1 more

Data Attributes

  • id="denra-plugin-rsrfqfwc"
  • id="denra-plugin-rsrfqfwc-form"
  • id="rsrfqfwc_prd_id"
  • id="rsrfqfwc_prd_rsrfqfwc_name"
  • id="rsrfqfwc_prd_sku"
  • id="rsrfqfwc_prd_qty"
  • +5 more
JS Globals
ajax_object
Shortcode Output
<div id="denra-plugin-rsrfqfwc"><h4>Request for quotation for:<span class="title"><div class="message"></div>