Lucene search

CVE-2022-4032

🗓️ 29 Nov 2022 21:12:15Reported by WordfenceType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 48 Views

The Quiz and Survey Master WordPress plugin (up to v8.0.4) is vulnerable to iFrame Injection via 'question[id]' parameter due to insufficient input sanitization and output escaping

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Cvelist	CVE-2022-4032	29 Nov 202220:23	–	cvelist
CNVD	WordPress Quiz and Survey Master plugin iFrame Injection Vulnerability	1 Dec 202200:00	–	cnvd
Vulnrichment	CVE-2022-4032	29 Nov 202220:23	–	vulnrichment
NVD	CVE-2022-4032	29 Nov 202221:15	–	nvd
RedhatCVE	CVE-2022-4032	5 Feb 202520:23	–	redhatcve
OSV	CVE-2022-4032	29 Nov 202221:15	–	osv
WPVulnDB	Quiz and Survey Master < 8.0.5 - Unauthenticated iFrame Injection	29 Nov 202200:00	–	wpvulndb
Prion	Input validation	29 Nov 202221:15	–	prion

Nvd

Vulners

Node

expresstech quiz_and_survey_masterRange≤8.0.4wordpress

[
  {
    "vendor": "expresstech",
    "product": "Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThanOrEqual": "8.0.4",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset
wordfence	www.wordfence.com/vulnerability-advisories-continued/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Nov 2022 21:15Current

6.3Medium risk

Vulners AI Score6.3

CVSS36.1 - 7.2

EPSS0.00767

SSVC

CWE-79