69 matches found
CVE-2016-10892
The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues...
EUVD-2020-28238
Malware in sbrugna...
EUVD-2016-1886
Malware in sbrugna...
EUVD-2022-51575
Malicious code in bioql PyPI...
EUVD-2022-51573
Malicious code in bioql PyPI...
EUVD-2022-51577
Malicious code in bioql PyPI...
EUVD-2022-51569
Malicious code in bioql PyPI...
EUVD-2022-51576
Malicious code in bioql PyPI...
EUVD-2023-29006
Malicious code in bioql PyPI...
EUVD-2022-51572
Malicious code in bioql PyPI...
EUVD-2022-51580
Malicious code in bioql PyPI...
EUVD-2022-51570
Malicious code in bioql PyPI...
EUVD-2022-51579
Malicious code in bioql PyPI...
CVE-2025-10493
The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other...
CVE-2025-10493 Chained Quiz <= 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in version 1.3.4 and below via the quiz submission and completion mechanisms due to missing validation on a user controlled key. This makes it possible for unauthenticated attackers to hijack and modify other...
CVE-2022-4216
The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebookappid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative...
CVE-2022-4210
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dnf' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2022-4209
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...
CVE-2022-4214
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2022-4211
The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'emailf' parameter on the 'chainedquizlist' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...