Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expresstech quiz and survey master vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-3575
The Quiz And Survey Master WordPress plugin prior to 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks
Expresstech Quiz And Survey Master
7.2
CVSSv3
CVE-2021-36898
Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress.
Expresstech Quiz And Survey Master
5.4
CVSSv3
CVE-2021-36905
Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress.
Expresstech Quiz And Survey Master
7.5
CVSSv3
CVE-2022-42883
Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Expresstech Quiz And Survey Master
9.8
CVSSv3
CVE-2020-35949
An issue exists in the Quiz and Survey Master plugin prior to 7.0.1 for WordPress. It made it possible for unauthenticated malicious users to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading a file, only the Content-Type ...
Expresstech Quiz And Survey Master
9.9
CVSSv3
CVE-2020-35951
An issue exists in the Quiz and Survey Master plugin prior to 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an malicious user to reinstall with a WordPress instance under their cont...
Expresstech Quiz And Survey Master
8.8
CVSSv3
CVE-2022-0180
Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions before 7.3.7 allows a remote malicious user to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page.
Expresstech Quiz And Survey Master
6.1
CVSSv3
CVE-2022-0181
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions before 7.3.7 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Expresstech Quiz And Survey Master
5.4
CVSSv3
CVE-2022-0182
Stored cross-site scripting vulnerability in Quiz And Survey Master versions before 7.3.7 allows a remote authenticated malicious user to inject an arbitrary script via an website that uses Quiz And Survey Master.
Expresstech Quiz And Survey Master
5.3
CVSSv3
CVE-2022-4033
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows malicious users to inject content other than the specified ...
Expresstech Quiz And Survey Master
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »