84 matches found
CVE-2025-50035
CVE-2025-50035 concerns WordPress plugin Fyrebox Quizzes (versions n/a through 3.0). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Affected software: CyrilG Fyrebox Quizzes (WordPress plugin). Impact as described: stored XSS vulnerability that could...
CVE-2025-50035 WordPress Fyrebox Quizzes plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 3.0...
WordPress plugin Fyrebox Quizzes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-26388 · Unknown · Fyrebox Quizzes
Name of the Vulnerable Software and Affected Versions: Fyrebox Quizzes versions n/a through 3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...
WordPress Fyrebox Quizzes plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Fyrebox Quizzes versions = 3.1...
CVE-2024-1078
The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aysquickstart and addquestionrows functions in all versions up to, and including, 6.5.2.4. This makes it possible for authenticated attackers, with subscriber-level acce...
CVE-2024-9351
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'createmodule' function. This makes it possible f...
CVE-2025-25125
Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...
CVE-2025-25125
Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...
CVE-2025-25125
CVE-2025-25125 concerns a CSRF to stored XSS vulnerability in WordPress plugin Fyrebox Quizzes (CyrilG) affecting versions from n/a up to 2.7. The CVE is tracked in multiple feeds; the vulnerability is confirmed in WordPress/Fyrebox Quizzes context and is rated 7.1 ( HIGH ) by CVSS 3.1 with netwo...
CVE-2025-25125 WordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...
CVE-2025-25125 WordPress Fyrebox Quizzes plugin <= 2.7 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 2.7...
WordPress plugin Fyrebox Quizzes 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...
PT-2025-5943 · Unknown · Fyrebox Quizzes
Name of the Vulnerable Software and Affected Versions: Fyrebox Quizzes versions n/a through 2.7 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in Fyrebox Quizzes. Recommendations: For versions n/a through 2.7, update to a version that contains a f...
WordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Fyrebox Quizzes versions = 3.1...
CVE-2025-23724
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oleksandr87 University Quizzes Online university-quizzes-online allows Reflected XSS.This issue affects University Quizzes Online: from n/a through = 1.4...
CVE-2025-23724 WordPress University Quizzes Online plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oleksandr87 University Quizzes Online university-quizzes-online allows Reflected XSS.This issue affects University Quizzes Online: from n/a through = 1.4...
CVE-2025-23724
CVE-2025-23724 describes a Reflected XSS in the University Quizzes Online plugin. Public sources (NVD/Red Hat) attribute the issue to improper neutralization of user input during web page generation, enabling reflected cross-site scripting. Affected software: University Quizzes Online plugin vers...
WordPress plugin University Quizzes Online 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2025-5051 · Unknown · University Quizzes Online
Name of the Vulnerable Software and Affected Versions: Oleksandr Ustymenko University Quizzes Online versions n/a through 1.4 Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious...