Lucene search

[email protected]NVD:CVE-2021-36898

HistoryOct 28, 2022 - 6:15 p.m.

CVE-2021-36898

2022-10-2818:15:10

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

authentication

wordpress

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.0%

JSON

Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress.

Affected configurations

Nvd

Node

expresstechquiz_and_survey_masterRange≤7.3.4wordpress

VendorProductVersionCPE
expresstechquiz_and_survey_master*cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
expresstech	quiz_and_survey_master	*	cpe:2.3:a:expresstech:quiz_and_survey_master::::::wordpress::*

References

patchstack.com/database/vulnerability/quiz-master-next/wordpress-quiz-and-survey-master-plugin-7-3-4-auth-sql-injection-sqli-vulnerability?_s_id=cve

wordpress.org/plugins/quiz-master-next/#developers

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.0%

JSON

Related for NVD:CVE-2021-36898

cvelist1 prion1 patchstack1 cnvd1 wpvulndb1 cve1