Lucene search
K

356 matches found

CVE
CVE
added 4 days ago11 views

CVE-2026-9230

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress

4.3CVSS6AI score0.00312EPSS
Exploits0References14
Patchstack
Patchstack
added 5 days ago5 views

WordPress Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Quiz Modification and Email Reroute vulnerability discovered by Kirasec in WordPress Plugin Quiz And Survey Master versions = 11.1.4...

4.3CVSS5.9AI score0.00312EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/27 6:50 a.m.9 views

EUVD-2026-39952

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References12
CVE
CVE
added 2026/06/27 6:50 a.m.18 views

CVE-2026-9233

CVE-2026-9233 affects the WordPress plugin Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker up to version 11.1.4 . The root cause is an authorization bypass in the AJAX action qsm_insert_quiz_template , allowing authenticated users with contributor-level access and above to create, modif...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References12
EUVD
EUVD
added 2026/06/15 9:30 p.m.7 views

EUVD-2026-36990

Unauthenticated Cross Site Scripting XSS in Quiz And Survey Master = 11.0.0 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.6 views

CVE-2026-40787 WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Quiz And Survey Master = 11.0.0 versions...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:18 p.m.15 views

CVE-2026-40787

The vulnerability concerns the WordPress Quiz And Survey Master plugin (versions ≤ 11.0.0). It is an unauthenticated Cross Site Scripting (XSS) flaw identified in these releases. The connected sources confirm the affected product and the XSS impact but do not specify the exact root cause, vulnera...

7.1CVSS5.1AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:18 p.m.25 views

CVE-2026-40787 WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Quiz And Survey Master = 11.0.0 versions...

7.1CVSS0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.8 views

PT-2026-49476

Name of the Vulnerable Software and Affected Versions Quiz And Survey Master versions prior to 11.1.3 Description Unauthenticated Cross Site Scripting XSS exists in the software, allowing an attacker to execute malicious scripts in the victim's browser without requiring authentication...

7.1CVSS5.9AI score0.00175EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/06 12:0 a.m.9 views

WordPress plugin Quiz and Survey Master SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.9CVSS5.8AI score0.00352EPSS
Exploits0References13
Patchstack
Patchstack
added 2026/04/23 9:45 a.m.8 views

WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jakub Herman in WordPress Plugin Quiz And Survey Master versions = 11.0.0...

5.1AI score0.00175EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/04/17 6:16 a.m.7 views

CVE-2026-5797

The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution of doshortcode on user-submitted quiz answer text. User-submitted answers pass through...

5.3CVSS0.00519EPSS
Exploits0References10
Vulnrichment
Vulnrichment
added 2026/04/17 5:29 a.m.7 views

CVE-2026-5797 Quiz and Survey Master (QSM) <= 11.1.0 - Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields

The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution of doshortcode on user-submitted quiz answer text. User-submitted answers pass through...

5.3CVSS6AI score0.00519EPSS
Exploits0References10
CVE
CVE
added 2026/04/17 5:29 a.m.11 views

CVE-2026-5797

The CVE-2026-5797 issue affects the WordPress plugin Quiz And Survey Master (QSM) up to version 11.1.0 . The vulnerability stems from insufficient input sanitization of user-submitted quiz answer text and the plugin calling do_shortcode() on the entire results page output, including answers. Sinc...

5.3CVSS6AI score0.00519EPSS
Exploits0References10
Patchstack
Patchstack
added 2026/04/17 2:13 a.m.13 views

WordPress Quiz and Survey Master (QSM) plugin <= 11.1.0 - Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields vulnerability

Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Quiz And Survey Master versions = 10.1.0...

5.3CVSS5.8AI score0.00519EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.6 views

PT-2026-33411

The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution of do shortcode on user-submitted quiz answer text. User-submitted answers pass through sanitize...

5.3CVSS6AI score0.00519EPSS
Exploits0References11
NVD
NVD
added 2026/03/23 11:17 p.m.4 views

CVE-2026-2412

The Quiz and Survey Master QSM plugin for WordPress is vulnerable to SQL Injection via the 'mergedquestion' parameter in all versions up to, and including, 10.3.5. This is due to insufficient sanitization of user-supplied input before being used in a SQL query. The sanitizetextfield function...

6.5CVSS0.00318EPSS
Exploits0References5
NVD
NVD
added 2026/02/20 4:22 p.m.7 views

CVE-2025-67987

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through = 10.3.1...

8.5CVSS0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/20 3:46 p.m.5 views

CVE-2025-67987 WordPress Quiz And Survey Master plugin <= 10.3.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through = 10.3.1...

8.5CVSS5.7AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/02/20 3:46 p.m.43 views

CVE-2025-67987

CVE-2025-67987 affects the WordPress plugin Quiz and Survey Master (quiz-master-next)

8.5CVSS6.1AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder