Vulnerabilities > Piwebsolution > Product Enquiry FOR Woocommerce
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-27 | CVE-2024-8922 | Deserialization of Untrusted Data vulnerability in Piwebsolution Product Enquiry for Woocommerce The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquiry_detail.php. | 8.8 |
| 2024-01-16 | CVE-2023-7151 | Cross-site Scripting vulnerability in Piwebsolution Product Enquiry for Woocommerce The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | 6.1 |
| 2023-04-07 | CVE-2023-29170 | Unspecified vulnerability in Piwebsolution Product Enquiry for Woocommerce 2.2.7 Auth. | 4.8 |