Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expresstech quiz and survey master vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-42883
Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Expresstech Quiz And Survey Master
4.8
CVSSv3
CVE-2021-24691
The Quiz And Survey Master WordPress plugin prior to 7.3.2 does not escape the Quiz Url Slug setting before outputting it in some pages, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
Expresstech Quiz And Survey Master
6.1
CVSSv3
CVE-2021-20792
Cross-site scripting vulnerability in Quiz And Survey Master versions before 7.1.14 allows a remote malicious user to inject arbitrary script via unspecified vectors.
Expresstech Quiz And Survey Master
6.1
CVSSv3
CVE-2021-24368
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin prior to 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This could allow for privilege...
Expresstech Quiz And Survey Master
5.4
CVSSv3
CVE-2021-36905
Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress.
Expresstech Quiz And Survey Master
5.4
CVSSv3
CVE-2023-3575
The Quiz And Survey Master WordPress plugin prior to 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks
Expresstech Quiz And Survey Master
8.8
CVSSv3
CVE-2022-46862
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions.
Expresstech Quiz And Survey Master
8.8
CVSSv3
CVE-2021-24221
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin prior to 7.1.12 did not sanitise the result_id GET parameter on pages with the [qsm_result] shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injectio...
Expresstech Quiz And Survey Master
6.5
CVSSv3
CVE-2016-11085
php/qmn_options_questions_tab.php in the quiz-master-next plugin prior to 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.
Expresstech Quiz And Survey Master
9.8
CVSSv3
CVE-2020-35949
An issue exists in the Quiz and Survey Master plugin prior to 7.0.1 for WordPress. It made it possible for unauthenticated malicious users to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading a file, only the Content-Type ...
Expresstech Quiz And Survey Master
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »