4 matches found
CVE-2025-11806
The Qzzr Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'qzzr' shortcode in all versions up to, and including, 1.0.1. This is due to insufficient input sanitization and output escaping on the 'quiz' attribute. This makes it possible for authenticated attackers...
EUVD-2025-37288
The Qzzr Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'qzzr' shortcode in all versions up to, and including, 1.0.1. This is due to insufficient input sanitization and output escaping on the 'quiz' attribute. This makes it possible for authenticated attackers...
CVE-2025-11806
The CVE-2025-11806 issue affects the Qzzr Shortcode Plugin for WordPress and is a Stored Cross-Site Scripting vulnerability in the qzzr shortcode. Details from connected documents indicate: affected software is Qzzr Shortcode Plugin for WordPress with versions up to and including 1.0.1 (some sour...
PT-2025-44577
Name of the Vulnerable Software and Affected Versions Qzzr Shortcode Plugin for WordPress versions prior to 1.0.2 Description The Qzzr Shortcode Plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'qzzr' shortcode. This is a result of inadequate input sanitization and...