2 matches found
WordPress HD Quiz plugin < 2.0.0 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin HD Quiz versions 2.0.0...
CVE-2024-13383
The CVE-2024-13383 entry concerns the WordPress HD Quiz plugin (pre-2.0.0). The root cause is lack of proper sanitisation/escaping of certain plugin settings, which can allow Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e...