30 matches found
CVE-2026-20219
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...
CVE-2026-20219
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...
CVE-2026-20219
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...
CVE-2026-20219
Cisco Slido REST API contains an insecure direct object reference that could let an authenticated, remote attacker view other users’ social profiles or affect quiz/poll results via a crafted request. Impact described as low confidentiality and integrity impact, with no availability impact. Cisco ...
CVE-2026-20219
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...
PT-2026-38080
A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...
WordPress Quiz and Survey Master (QSM) plugin <= 11.1.0 - Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields vulnerability
Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Quiz And Survey Master versions = 10.1.0...
CVE-2025-9294
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...
CVE-2025-9294
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...
CVE-2025-9294
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...
CVE-2025-9294
CVE-2025-9294 affects the Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker WordPress plugin. Root cause: missing capability check in qsm_dashboard_delete_result, enabling authenticated users with Subscriber-level access and above to delete quiz results on all versions up to 10.3.1. Wordf...
CVE-2025-9294 Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...
CVE-2025-9294 Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...
PT-2026-1427
Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress versions through 10.3.1 Description The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is susceptible to unauthorized data loss. This...
WordPress Quiz And Survey Master plugin <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Quiz Results Deletion vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Quiz And Survey Master versions = 10.3.1...
Linux Distros Unpatched Vulnerability : CVE-2018-1044
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings. CVE-2018-1044 Note that Nessus relies on the presence...
CVE-2025-32808
W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their quiz performance into the backend, because only client-side access control exists...
PT-2024-16548 · WordPress · Quiz Maker
Name of the Vulnerable Software and Affected Versions: The Quiz Maker plugin for WordPress versions up to, and including, 6.5.2.4 Description: The issue arises from a missing capability check on the ays show results function, allowing unauthenticated attackers to access arbitrary quiz results,...
Quiz And Survey Master < 8.1.19 - Multiple Cross-Site Request Forgery
Description The plugin is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.1.18. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to show disabled contact fields and delete quiz results...
SUSE CVE-2018-1044
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings...