Lucene search
K

84 matches found

ptsecurity
ptsecurity
added 2023/12/31 12:0 a.m.7 views

PT-2023-31937 · WordPress · Ari Stream Quiz – Wordpress Quizzes Builder

Name of the Vulnerable Software and Affected Versions: ARI Stream Quiz – WordPress Quizzes Builder versions 1.3.0 and earlier Description: The issue is related to the deserialization of untrusted data in ARI Stream Quiz – WordPress Quizzes Builder. This can potentially lead to security risks. No...

9.9CVSS8.8AI score0.00627EPSS
Exploits0References8
nvd
nvd
added 2023/11/23 12:15 a.m.23 views

CVE-2023-47835

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin = 1.2.32 versions...

6.5CVSS0.00377EPSS
Exploits0References1
cvelist
cvelist
added 2023/11/22 11:20 p.m.31 views

CVE-2023-47835 WordPress ARI Stream Quiz Plugin <= 1.2.32 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin = 1.2.32 versions...

6.5CVSS6.7AI score0.00377EPSS
Exploits0References1
cve
cve
added 2023/11/22 11:20 p.m.65 views

CVE-2023-47835

CVE-2023-47835 — ARI Stream Quiz (WordPress)

6.5CVSS6AI score0.00377EPSS
Exploits0References1Affected Software1
osv
osv
added 2022/12/02 9:15 p.m.6 views

CVE-2022-4218

The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4. This is due to missing nonce validation on the listquizzes function. This makes it possible for unauthenticated attackers to delete quizzes and copy quizzes via a forged...

4.3CVSS5.6AI score0.00422EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2022/12/02 12:0 a.m.5 views

PT-2022-26300 · WordPress · Chained Quiz

Name of the Vulnerable Software and Affected Versions: Chained Quiz plugin for WordPress versions up to, and including, 1.3.2.4 Description: The issue is related to Cross-Site Request Forgery due to missing nonce validation on the list quizzes function. This allows unauthenticated attackers to...

5.4CVSS4.4AI score0.00422EPSS
Exploits1References5
cvelist
cvelist
added 2022/04/26 6:36 p.m.26 views

CVE-2022-27854 WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin = 0.21.19 on WordPress possible for users with contributor or higher role via &wpttestpagesubmitbuttoncaption parameter...

5.4CVSS5.5AI score0.0055EPSS
Exploits0References2
cve
cve
added 2022/04/26 6:36 p.m.94 views

CVE-2022-27854

The CVE-2022-27854 entry documents an authenticated Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko’s WordPress plugin “Psychological tests & quizzes” (versions

5.4CVSS5.2AI score0.0055EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/04/26 6:3 p.m.25 views

CVE-2021-36867 WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin = 0.21.19 on WordPress possible for users with contributor or higher user rights...

5.4CVSS5.5AI score0.00538EPSS
Exploits0References2
cve
cve
added 2022/04/26 6:3 p.m.99 views

CVE-2021-36867

Summary of CVE-2021-36867 (WordPress plugin: Psychological tests & quizzes

5.4CVSS5.2AI score0.00538EPSS
Exploits0References2Affected Software1
cnnvd
cnnvd
added 2022/04/26 12:0 a.m.7 views

WordPress plugin Psychological tests & quizzes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Psychological tests...

5.4CVSS5.5AI score0.0055EPSS
Exploits0References3
cnnvd
cnnvd
added 2022/04/26 12:0 a.m.6 views

WordPress plugin Psychological tests & quizzes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS5.4AI score0.00538EPSS
Exploits0References3
patchstack
patchstack
added 2022/04/26 12:0 a.m.19 views

WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ex.Mi Patchstack in WordPress Psychological tests & quizzes plugin versions = 0.21.19. Solution No patched version is available...

5.4CVSS2.2AI score0.0055EPSS
Exploits0References2Affected Software1
patchstack
patchstack
added 2022/04/26 12:0 a.m.27 views

WordPress Psychological tests & quizzes plugin <= 0.21.19 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Psychological tests & quizzes plugin versions = 0.21.19. Solution No patched version...

5.4CVSS3AI score0.00538EPSS
Exploits0References2Affected Software1
osv
osv
added 2022/04/19 1:15 p.m.6 views

CVE-2021-43129

A bypass exists for Desire2Learn/D2L Brightspace’s “Disable Right Click” option in the quizzing feature, which allows a quiz-taker to access print and copy functionality via the browser’s right click menu even when “Disable Right Click” is enabled on the quiz...

6.5CVSS6.6AI score0.01692EPSS
Exploits1References3
patchstack
patchstack
added 2022/02/28 12:0 a.m.15 views

WordPress "WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto" plugin < 5.3.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress "WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto" plugin versions 5.3.2. Solution Update the WordPress "WordPress form builder plugin for contact forms, surveys and...

3.6AI score
Exploits0References2Affected Software1
prion
prion
added 2021/11/08 6:15 p.m.9 views

Cross site scripting

The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize multiple input fields used when creating or managing quizzes and in other setting options, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

3.5CVSS4.8AI score0.00598EPSS
Exploits2References1Affected Software1
prion
prion
added 2019/09/26 12:15 a.m.12 views

Cross site request forgery (csrf)

The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes...

5.8CVSS7.2AI score0.00556EPSS
Exploits1References3Affected Software1
cnvd
cnvd
added 2019/09/11 12:0 a.m.2 views

WordPress Qwiz Online Quizzes And Flashcards Cross-Site Scripting Vulnerability

WordPress is a blogging platform based on the PHP language, which can be used to set up a website on a server that supports PHP and MySQL databases, and can also be used as a content management system CMS. A cross-site scripting vulnerability exists in WordPress Qwiz Online Quizzes And Flashcards...

6.4AI score
Exploits0References1
wpexploit
wpexploit
added 2019/09/07 12:0 a.m.10 views

Qwiz Online Quizzes And Flashcards <= 3.36 - Unauthenticated Reflected Cross Site Scripting

The qname, iqwiz, sessionid and username parameters passed to the registrationcomplete.php file are affected by XSS issues. Plugin has been closed while the issue is being fixed. /wp-content/plugins/qwiz-online-quizzes-and-flashcards/registrationcomplete.php?&qname=alert"XSS"...

1.7AI score
Exploits0References1
Rows per page
Query Builder