Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expresstech quiz and survey master vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2022-0180
Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions before 7.3.7 allows a remote malicious user to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page.
Expresstech Quiz And Survey Master
383
VMScore
CVE-2022-0181
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions before 7.3.7 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Expresstech Quiz And Survey Master
312
VMScore
CVE-2022-0182
Stored cross-site scripting vulnerability in Quiz And Survey Master versions before 7.3.7 allows a remote authenticated malicious user to inject an arbitrary script via an website that uses Quiz And Survey Master.
Expresstech Quiz And Survey Master
NA
CVE-2021-36863
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress.
Expresstech Quiz And Survey Master
NA
CVE-2022-4033
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows malicious users to inject content other than the specified ...
Expresstech Quiz And Survey Master
NA
CVE-2022-40698
Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Expresstech Quiz And Survey Master
NA
CVE-2023-0292
The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to missing nonce validation on the function associated with the qsm_remove_file_fd_question AJAX action. This makes it possible for una...
Expresstech Quiz And Survey Master
NA
CVE-2023-3575
The Quiz And Survey Master WordPress plugin prior to 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks
Expresstech Quiz And Survey Master
383
VMScore
CVE-2021-20792
Cross-site scripting vulnerability in Quiz And Survey Master versions before 7.1.14 allows a remote malicious user to inject arbitrary script via unspecified vectors.
Expresstech Quiz And Survey Master
NA
CVE-2021-36905
Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress.
Expresstech Quiz And Survey Master
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »