3 matches found
WordPress Quiz Maker Plugin < 6.4.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Quiz Maker Type Plugin Vulnerable versions 6.4.2.7 Fixed in 6.4.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2571 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a73265b24616 Credits Erwan LR WPScan Required...
CVE-2023-2571
CVE-2023-2571 affects the Quiz Maker WordPress plugin. The vulnerability arises because the plugin does not escape certain parameters before outputting them in HTML attributes, leading to a Reflected Cross-Site Scripting (XSS) possibility that could affect high-privilege users (e.g., admins). Aff...
CVE-2023-2571 Quiz Maker < 6.4.2.7 - Reflected XSS
The Quiz Maker WordPress plugin before 6.4.2.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin...