WB Product Enquiry Security & Risk Analysis
wordpress.org/plugins/wb-product-enquiryChange your existing ecommerce site into a catalog, let your customers ask questions about products you sell!
Is WB Product Enquiry Safe to Use in 2026?
Generally Safe
Score 85/100WB Product Enquiry has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.
The wb-product-enquiry plugin v1.25 exhibits a mixed security posture. On the positive side, it demonstrates good practices by exclusively using prepared statements for SQL queries and avoiding external HTTP requests, which are common vectors for vulnerabilities. The absence of known CVEs also suggests a history of reasonable security management. However, significant concerns arise from the static analysis. The plugin has a small but entirely unprotected attack surface, with two AJAX handlers lacking any authentication checks. This immediately exposes the plugin to potential unauthorized actions. Furthermore, taint analysis reveals two flows with unsanitized paths, indicating a risk of data injection or manipulation if these paths are reached with untrusted input. The lack of nonces and capability checks on the AJAX endpoints exacerbates these risks.
Key Concerns
- AJAX handlers without authorization checks
- Taint flows with unsanitized paths
- Missing nonce checks on AJAX handlers
- Missing capability checks
- Insufficient output escaping
WB Product Enquiry Security Vulnerabilities
WB Product Enquiry Code Analysis
Output Escaping
Data Flow Analysis
WB Product Enquiry Attack Surface
AJAX Handlers 2
WordPress Hooks 17
Maintenance & Trust
WB Product Enquiry Maintenance & Trust
Maintenance Signals
Community Trust
WB Product Enquiry Alternatives
CatalogX – Catalog Mode, Enquiry & Quotes for WooCommerce
woocommerce-catalog-enquiry
WooCommerce Catalog Mode, product enquiry, and request a quote plugin. Hide prices, disable cart, and collect enquiries easily.
Product Enquiry for WooCommerce
gm-woocommerce-quote-popup
Allow customers to request quotes, send product enquiries, and run WooCommerce in catalog mode by hiding prices and replacing the Add to Cart button.
PiWeb Product Enquiry or product catalog for WooCommerce
enquiry-quotation-for-woocommerce
Product enquiry for WooCommerce and quote request plugin that can save enquiries and email the WooCommerce product enquiry as well
Contact Form 7
contact-form-7
Just another contact form plugin. Simple but flexible.
Akismet Anti-spam: Spam Protection
akismet
The best anti-spam protection to block spam comments and spam in a contact form. The most trusted antispam solution for WordPress and WooCommerce.
WB Product Enquiry Developer Profile
3 plugins · 20 total installs
How We Detect WB Product Enquiry
Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.
Asset Fingerprints
/wp-content/plugins/wb-product-enquiry/assets/css/wb-product-enquiry-style.css/wp-content/plugins/wb-product-enquiry/assets/js/wb-product-enquiry.js/wp-content/plugins/wb-product-enquiry/assets/js/wb-product-enquiry.jswb-product-enquiry/assets/css/wb-product-enquiry-style.css?ver=wb-product-enquiry/assets/js/wb-product-enquiry.js?ver=HTML / DOM Fingerprints
<!-- V change input option to checkbox --><!-- V add second checkbox for enable product enquiries --><!-- V Do the catalog mode, function for disabling all add to carts, redirects on cart page and checkout page --><!-- V Add a filter with a contact form to single product page -->+12 morename="wb_product_enquiry_options[wb_product_enquiry_EnableCatalogMode]"name="wb_product_enquiry_options[wb_product_enquiry_hidePrices]"name="wb_product_enquiry_options[wb_product_enquiry_EnableProductEnquiryMode]"name="wb_product_enquiry_options[wb_product_enquiry_enquiryRecipients]"name="wb_product_enquiry_options[wb_product_enquiry_disableAdminEmail]"name="wb_product_enquiry_options[wb_product_enquiry_disableEnquiriesSaving]"+1 more