Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
expresstech quiz and survey master vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-35949
An issue exists in the Quiz and Survey Master plugin prior to 7.0.1 for WordPress. It made it possible for unauthenticated malicious users to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading a file, only the Content-Type ...
Expresstech Quiz And Survey Master
571
VMScore
CVE-2020-35951
An issue exists in the Quiz and Survey Master plugin prior to 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an malicious user to reinstall with a WordPress instance under their cont...
Expresstech Quiz And Survey Master
NA
CVE-2022-40698
Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Expresstech Quiz And Survey Master
NA
CVE-2022-41652
Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Expresstech Quiz And Survey Master
383
VMScore
CVE-2019-17599
The quiz-master-next (aka Quiz And Survey Master) plugin prior to 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an malicious user to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the quiz_id parameter). T...
Expresstech Quiz And Survey Master
NA
CVE-2022-42883
Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Expresstech Quiz And Survey Master
NA
CVE-2023-3575
The Quiz And Survey Master WordPress plugin prior to 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks
Expresstech Quiz And Survey Master
NA
CVE-2022-4032
The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input sanitization and output escaping that allowed iframe tags to be injected. This makes it p...
Expresstech Quiz And Survey Master
NA
CVE-2022-4033
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows malicious users to inject content other than the specified ...
Expresstech Quiz And Survey Master
578
VMScore
CVE-2021-24221
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin prior to 7.1.12 did not sanitise the result_id GET parameter on pages with the [qsm_result] shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injectio...
Expresstech Quiz And Survey Master
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »