5 matches found
CVE-2019-12517
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. The savequizscore functionality available via the /wp-admin/admin-ajax.php endpoint allows unauthenticated users to submit quiz solutions/answers, which are stored in the database and later shown in the WordPress...
EUVD-2019-4112
Malware in sbrugna...
CVE-2019-12517
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. The savequizscore functionality available via the /wp-admin/admin-ajax.php endpoint allows unauthenticated users to submit quiz solutions/answers, which are stored in the database and later shown in the WordPress...
CVE-2019-12517
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. The savequizscore functionality available via the /wp-admin/admin-ajax.php endpoint allows unauthenticated users to submit quiz solutions/answers, which are stored in the database and later shown in the WordPress...
CVE-2019-12517
CVE-2019-12517 affects the WordPress SlickQuiz plugin prior to 1.3.7.1. The vulnerability arises from insufficient validation/sanitization in the save_quiz_score flow exposed via /wp-admin/admin-ajax.php, allowing unauthenticated users to submit quiz data that is stored in the database and later ...