Lucene search
K

84 matches found

CVE
CVE
added 2025/06/20 3:3 p.m.21 views

CVE-2025-50035

CVE-2025-50035 concerns WordPress plugin Fyrebox Quizzes (versions n/a through 3.0). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Affected software: CyrilG Fyrebox Quizzes (WordPress plugin). Impact as described: stored XSS vulnerability that could...

6.5CVSS5.9AI score0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:3 p.m.2 views

CVE-2025-50035 WordPress Fyrebox Quizzes plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 3.0...

6.5CVSS6.4AI score0.00209EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.4 views

WordPress plugin Fyrebox Quizzes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.8AI score0.00209EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.3 views

PT-2025-26388 · Unknown · Fyrebox Quizzes

Name of the Vulnerable Software and Affected Versions: Fyrebox Quizzes versions n/a through 3.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/06/19 4:25 p.m.6 views

WordPress Fyrebox Quizzes plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Fyrebox Quizzes versions = 3.1...

6.5CVSS6AI score0.00209EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 9:39 a.m.8 views

CVE-2024-1078

The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aysquickstart and addquestionrows functions in all versions up to, and including, 6.5.2.4. This makes it possible for authenticated attackers, with subscriber-level acce...

4.3CVSS6.6AI score0.00359EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:14 a.m.6 views

CVE-2024-9351

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.35.1. This is due to missing or incorrect nonce validation on the quiz 'createmodule' function. This makes it possible f...

4.3CVSS5.2AI score0.00207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/09 10:18 a.m.9 views

CVE-2025-25125

Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...

7.1CVSS7.2AI score0.0015EPSS
Exploits0References1
NVD
NVD
added 2025/02/07 10:15 a.m.13 views

CVE-2025-25125

Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...

7.1CVSS0.0015EPSS
Exploits0References1
CVE
CVE
added 2025/02/07 10:11 a.m.56 views

CVE-2025-25125

CVE-2025-25125 concerns a CSRF to stored XSS vulnerability in WordPress plugin Fyrebox Quizzes (CyrilG) affecting versions from n/a up to 2.7. The CVE is tracked in multiple feeds; the vulnerability is confirmed in WordPress/Fyrebox Quizzes context and is rated 7.1 ( HIGH ) by CVSS 3.1 with netwo...

7.1CVSS7.2AI score0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/07 10:11 a.m.17 views

CVE-2025-25125 WordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...

7.1CVSS0.0015EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/07 10:11 a.m.5 views

CVE-2025-25125 WordPress Fyrebox Quizzes plugin <= 2.7 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 2.7...

7.1CVSS6.8AI score0.0015EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/02/07 12:0 a.m.3 views

WordPress plugin Fyrebox Quizzes 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

7.1CVSS8.6AI score0.0015EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/02/07 12:0 a.m.4 views

PT-2025-5943 · Unknown · Fyrebox Quizzes

Name of the Vulnerable Software and Affected Versions: Fyrebox Quizzes versions n/a through 2.7 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS in Fyrebox Quizzes. Recommendations: For versions n/a through 2.7, update to a version that contains a f...

7.1CVSS9.1AI score0.0015EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/02/03 4:12 p.m.2 views

WordPress Fyrebox Quizzes plugin <= 3.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Fyrebox Quizzes versions = 3.1...

7.1CVSS6.2AI score0.0015EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/01/23 4:15 p.m.9 views

CVE-2025-23724

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oleksandr87 University Quizzes Online university-quizzes-online allows Reflected XSS.This issue affects University Quizzes Online: from n/a through = 1.4...

7.1CVSS0.00246EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/23 3:29 p.m.16 views

CVE-2025-23724 WordPress University Quizzes Online plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oleksandr87 University Quizzes Online university-quizzes-online allows Reflected XSS.This issue affects University Quizzes Online: from n/a through = 1.4...

7.1CVSS0.00246EPSS
Exploits0References1
CVE
CVE
added 2025/01/23 3:29 p.m.55 views

CVE-2025-23724

CVE-2025-23724 describes a Reflected XSS in the University Quizzes Online plugin. Public sources (NVD/Red Hat) attribute the issue to improper neutralization of user input during web page generation, enabling reflected cross-site scripting. Affected software: University Quizzes Online plugin vers...

7.1CVSS7.2AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.4 views

WordPress plugin University Quizzes Online 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

7.1CVSS7.6AI score0.00246EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/23 12:0 a.m.4 views

PT-2025-5051 · Unknown · University Quizzes Online

Name of the Vulnerable Software and Affected Versions: Oleksandr Ustymenko University Quizzes Online versions n/a through 1.4 Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means an attacker can inject malicious...

7.1CVSS9.2AI score0.00246EPSS
Exploits0References5
Rows per page
Query Builder