CVE-2026-14249
Last modified
CVE-2026-14249 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emd_delete_file AJAX action. This is due to the emd_delete_file() handler deriving a PHP function name from the attacker-controlled $_POST['path'] parameter and invoking it dynamically via the variable-function call $sess_name(), and the handler being registered for wp_ajax_nopriv with its only protection being a nonce that the plugin prints into the public quote-form page via wp_localize_script. EPSS estimates a 0.33% chance of exploitation in the next 30 days.
Description
The Request a Quote plugin for WordPress is vulnerable to Code Injection in versions up to, and including, 2.5.5 via the emd_delete_file AJAX action. This is due to the emd_delete_file() handler deriving a PHP function name from the attacker-controlled $_POST['path'] parameter and invoking it dynamically via the variable-function call $sess_name(), and the handler being registered for wp_ajax_nopriv with its only protection being a nonce that the plugin prints into the public quote-form page via wp_localize_script. This makes it possible for unauthenticated attackers to invoke arbitrary zero-argument PHP functions on the server, such as phpinfo(), potentially exposing sensitive server configuration and credentials, or executing other destructive built-in PHP functions.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| emarket-design | Request a Quote – Quote Forms for Any WordPress Site | <= 2.5.5 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14249?
How severe is CVE-2026-14249?
How do I fix CVE-2026-14249?
Related CVEs from 2026
- CVE-2026-1422A vulnerability was found in code-projects Online Examinatio…9.8
- CVE-2026-1423A vulnerability was determined in code-projects Online Exami…9.8
- CVE-2026-1424A vulnerability was identified in PHPGurukul News Portal 1.0…7.2
- CVE-2026-14241Memory safety bugs present in Firefox 152.0.3. Some of these…9.8
- CVE-2026-14244The Jssor Slider by jssor.com plugin for WordPress is vulner…7.5
- CVE-2026-14245The miniOrange OTP Login, Verification and SMS Notifications…9.8
- CVE-2026-1425A security flaw has been discovered in pymumu SmartDNS up to…6.3
- CVE-2026-14250The Themehunk Login Registration plugin for WordPress is vul…6.3
- CVE-2026-14258A flaw was found in dhcpcd's IPv6 Neighbor Discovery Router …6.5
- CVE-2026-1426The Advanced AJAX Product Filters plugin for WordPress is vu…8.8
- CVE-2026-14261A vulnerability in the Xerte Online Tools allows for authent…9.1
- CVE-2026-14265Deserialization of untrusted data in the RemoteQueryCachePlu…8.8
Are you affected by CVE-2026-14249?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
