I have discussed the issue with cloudways support, and they say it is caused by the plugin:
The 403 response is particular to the plugin only and what the code has and we're able to reproduce it now.
https://i.imgur.com/YcIE8zS.png
https://i.imgur.com/BO2l8pV.png
The app code itself responds with -1 and likely the vendor will have more comments on this.
[Wed Oct 12 01:22:00.395493 2022] [access_compat:error] [pid 26264:tid 139858882156288] [client 116.105.133.66:0] AH01797: client denied by server configuration: /home/689846.cloudwaysapps.com/ufmgabxkzp/public_html/wp-content/uploads/woocommerce_uploads/, referer: https://forum.stockmanagementlabs.com/
or my test visit:
[Wed Oct 12 04:38:49.743229 2022] [access_compat:error] [pid 26262:tid 139860193683200] [client 175.176.2.241:0] AH01797: client denied by server configuration: /home/689846.cloudwaysapps.com/ufmgabxkzp/public_html/wp-content/uploads/woocommerce_uploads/
is expected if for some reason, someone tries to visit a folder. By default, we don't show files in there as it's a security concern, but this is not related to issue above.
Note too, we don't use mod_security in our stack.
To further confirm this issue, you may also clone a copy of your app code in a local server (xampp or wampp) and share with the vendor the results for both ours and local installation.