3 matches found
CVE-2020-36504
The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check in place when deleting a quiz, which could allow an attacker to make a logged in admin delete arbitrary quiz on the blog...
CVE-2020-36504
The CVE-2020-36504 entry affects WordPress WP-Pro-Quiz plugin versions up to 0.37. The vulnerability is a CSRF flaw: the plugin does not perform a CSRF check when deleting a quiz, enabling a logged-in administrator to delete arbitrary quizzes. Exploitation details or in-the-wild status are not pr...
CVE-2020-36504 WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF
The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check in place when deleting a quiz, which could allow an attacker to make a logged in admin delete arbitrary quiz on the blog...