Lucene search
K

5 matches found

NVD
NVD
added 2023/06/09 6:15 a.m.21 views

CVE-2023-0292

The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to missing nonce validation on the function associated with the qsmremovefilefdquestion AJAX action. This makes it possible for unauthenticated attacker...

8.1CVSS6AI score0.00791EPSS
Exploits4References4
Vulnrichment
Vulnrichment
added 2023/06/09 5:33 a.m.14 views

CVE-2023-0292 Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion

The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to missing nonce validation on the function associated with the qsmremovefilefdquestion AJAX action. This makes it possible for unauthenticated attacker...

5.4CVSS7.3AI score0.00791EPSS
Exploits4References4
CVE
CVE
added 2023/06/09 5:33 a.m.47 views

CVE-2023-0292

CVE-2023-0292 concerns the WordPress plugin “Quiz And Survey Master” (WordPress) up to version 8.0.8. The issue is a Cross-Site Request Forgery (CSRF) vulnerability caused by missing nonce validation on the AJAX handler qsm_remove_file_fd_question. This enables unauthenticated attackers to delete...

8.1CVSS7.7AI score0.00791EPSS
Exploits4References4Affected Software1
Packet Storm
Packet Storm
added 2023/02/15 12:0 a.m.221 views

WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Cross-Site Request Forgery CSRF CWE-352 Date found: 2023-01-13 Date published: 2023-02-08 CVSSv3 Scor...

0.02034EPSS
Exploits6
0day.today
0day.today
added 2023/02/15 12:0 a.m.320 views

WordPress Quiz And Survey Master 8.0.8 Cross Site Request Forgery Vulnerability

WordPress Quiz and Survey Master plugin versions 8.0.8 and below suffer from a cross site request forgery vulnerability. 1. ADVISORY INFORMATION ======================= Product: Quiz And Survey Master Vendor URL: https://wordpress.org/plugins/quiz-master-next/ Type: Cross-Site Request Forgery CSR...

9.1CVSS0.1AI score0.02034EPSS
Exploits6
Rows per page
Query Builder