Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2019-5476

Malware in sbrugna...

9.8CVSS9.5AI score0.04619EPSS
Exploits1References3
Patchstack
Patchstack
added 2025/10/03 11:16 p.m.6 views

WordPress Ultimate Viral Quiz plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Nabil Irawan in WordPress Plugin Ultimate Viral Quiz versions = 1.0...

4.3CVSS6.8AI score0.00124EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/10/03 11:17 a.m.15 views

CVE-2025-10302

CVE-2025-10302 affects the WordPress plugin Ultimate Viral Quiz (versions ≤ 1.0). The vulnerability is a Cross-Site Request Forgery due to missing/incorrect nonce validation in the save_options() function, allowing unauthenticated attackers to update plugin settings if a site administrator is tri...

4.3CVSS4.9AI score0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/03 11:17 a.m.10 views

CVE-2025-10302 Ultimate Viral Quiz <= 1.0 - Cross-Site Request Forgery to Settings Update

The Ultimate Viral Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on thesaveoptions function. This makes it possible for unauthenticated attackers to update the plugin's settings...

4.3CVSS0.00124EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.3 views

WordPress plugin The Ultimate Viral Quiz 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an applicatio...

4.3CVSS6.2AI score0.00124EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.5 views

PT-2025-40470

Name of the Vulnerable Software and Affected Versions The Ultimate Viral Quiz plugin for WordPress versions prior to 1.0 Description The Ultimate Viral Quiz plugin for WordPress is susceptible to Cross-Site Request Forgery due to inadequate nonce validation within the save options function. This...

4.3CVSS6.1AI score0.00124EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.4 views

CVE-2019-14231

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the obgetresults ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an...

9.8CVSS8.4AI score0.04619EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:32 a.m.7 views

CVE-2019-14230

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the setcount ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged use...

9.8CVSS8.4AI score0.04619EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/23 12:0 a.m.1 views

WordPress Viral Quiz Maker - OnionBuzz plugin SQL injection vulnerability (CNVD-2019-27322)

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Viral Quiz Maker - OnionBuzz plugin is one of the quiz plugins used in it. A SQL injection vulnerability exists in WordPress Viral Quiz...

9.8CVSS8AI score0.04619EPSS
Exploits1References1
NVD
NVD
added 2019/07/21 11:15 p.m.16 views

CVE-2019-14231

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the obgetresults ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an...

9.8CVSS9.7AI score0.04619EPSS
Exploits1References2
OSV
OSV
added 2019/07/21 11:15 p.m.3 views

CVE-2019-14230

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the setcount ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged use...

9.8CVSS7.8AI score
Exploits0References2
NVD
NVD
added 2019/07/21 11:15 p.m.14 views

CVE-2019-14230

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the setcount ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged use...

9.8CVSS9.7AI score0.04619EPSS
Exploits1References2
OSV
OSV
added 2019/07/21 11:15 p.m.3 views

CVE-2019-14231

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the obgetresults ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an...

9.8CVSS7.8AI score0.04619EPSS
Exploits1References2
Prion
Prion
added 2019/07/21 11:15 p.m.16 views

Sql injection

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the setcount ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged use...

7.5CVSS9.5AI score0.04619EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/07/21 11:15 p.m.12 views

Sql injection

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the obgetresults ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an...

7.5CVSS9.5AI score0.04619EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/07/21 10:39 p.m.20 views

CVE-2019-14231

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.2 for WordPress. One could exploit the points parameter in the obgetresults ajax nopriv handler due to there being no sanitization prior to use in a SQL query in getResultByPointsTrivia. This allows an...

9.8AI score0.04619EPSS
Exploits1References2
CVE
CVE
added 2019/07/21 10:39 p.m.163 views

CVE-2019-14231

The CVE-2019-14231 entry applies to the WordPress plugin Agile Viral Quiz Maker – OnionBuzz (vulnerable before 1.2.2). The issue is a SQL injection in the ob_get_results nopriv AJAX handler via an unsanitized points parameter used in getResultByPointsTrivia. This allows an unauthenticated/unprivi...

9.8CVSS9.6AI score0.04619EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/07/21 10:38 p.m.23 views

CVE-2019-14230

An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin before 1.2.7 for WordPress. One could exploit the id parameter in the setcount ajax nopriv handler due to there being no sanitization prior to use in a SQL query in saveQuestionVote. This allows an unauthenticated/unprivileged use...

9.7AI score0.04619EPSS
Exploits1References2
CNVD
CNVD
added 2019/07/21 12:0 a.m.2 views

WordPress Viral Quiz Maker - OnionBuzz Plugin SQL Injection Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Viral Quiz Maker - OnionBuzz plugin is one of the quiz plugins used in it. A SQL injection vulnerability exists in WordPress Viral Quiz...

9.8CVSS8AI score0.04619EPSS
Exploits1References1
Rows per page
Query Builder