Gravitymaster Product Enquiry For Woocommerce — known CVE vulnerabilities
Every CVE whose affected-product data names Gravitymaster Product Enquiry For Woocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2023-7151 — CVSS 6.1 (medium): The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back…
CVE-2023-6626 — CVSS 4.8 (medium): The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not sanitise and escape some of its settings, which could allow high…
CVE-2023-6625 — CVSS 4.3 (medium): The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in place when deleting inquiries, which could…