CVE-2025-57425

A Stored Cross-Site Scripting XSS vulnerability in SourceCodester FAQ Management System 1.0 allows an authenticated attacker to inject malicious JavaScript into the 'question' and 'answer' fields via the update-faq.php endpoint...

Flashcard Quiz App Cross-Site Scripting Vulnerability

Flashcard Quiz App is a dynamic tool for rems individual developers designed to promote interactive learning and knowledge retention. A cross-site scripting vulnerability exists in Flashcard Quiz App version 1.0, which stems from the parameter question/answer in the file...

PT-2024-16880 · WordPress · The Tutor Lms

Name of the Vulnerable Software and Affected Versions: The Tutor LMS – eLearning and online course solution plugin for WordPress versions up to, and including, 2.6.0 Description: The issue is due to insufficient sanitization of HTML input in the Q&A functionality, making it possible for...

CVE-2021-4408

The DW Question & Answer plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.8. This is due to missing or incorrect nonce validation on the updateanswer function. This makes it possible for unauthenticated attackers to update answers to questions...

CVE-2021-24805

The DW Question & Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as update a comment or a question status...

WordPress plugin DW Question & Answer Pro 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress DW Question...

CVE-2017-17871

The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...

CVE-2017-17871

The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter...

Joomla JEXTN Question And Answer 3.1.0 Component - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: http://jextn.com/ Software Link:...

Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection

Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection Exploit Title: Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection Dork: N/A Date: 13.12.2017 Vendor Homepage: http://jextn.com/ Software Link:...

Question And Answer Forum 1.2.4 Cross Site Scripting

Vulnerability ID: HTB22861 Reference: http://www.htbridge.ch/advisory/xssinquestionandanswerforumwordpressplugin.html Product: Question and Answer Forum wordpress plugin Vendor: David Woodford hhttp://trevorpythag.co.uk Vulnerable Version: 1.2.4 Vendor Notification: 15 February 2011 Vulnerability...

Cross-site Scripting (XSS) Vulnerability in Question and Answer Forum

High-Tech Bridge SA Security Research Lab has discovered vulnerability in Question and Answer Forum WordPress plugin which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Question and Answer Forum The vulnerability exists due to input...