3 matches found
WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS Vulnerability
WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities. Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected...
WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS
Description: Reflected Cross-Site Scripting Affected Plugin: Watu Quiz Plugin Slug: watu Affected Versions: = 3.3.9 CVE ID: CVE-2023-0968 CVSS Score: 6.1 Medium CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Researcher/s: Marco Wotschka Fully Patched Version: 3.3.9.1 Description:...
CVE-2023-0968
Summary (CVE-2023-0968): WordPress Watu Quiz plugin, affected up to version 3.3.9, is vulnerable to Reflected Cross-Site Scripting via the parameters dn, email, points, and date due to insufficient input sanitization and output escaping. Unauthenticated attackers can inject scripts in pages viewe...