2 matches found
CVE-2024-1078
CVE-2024-1078 affects the WordPress Quiz Maker plugin. The vulnerability stems from a missing capability check in the ays_quick_start() and add_question_rows() functions across all versions up to and including 6.5.2.4, enabling authenticated attackers with subscriber-level access or higher to cre...
WordPress Quiz Maker Plugin <= 6.5.2.4 is vulnerable to Broken Access Control
Software Quiz Maker Type Plugin Vulnerable versions = 6.5.2.4 Fixed in 6.5.2.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1078 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0653250f4b8f Credits Lucio Sá Required privilege...