2 matches found
WordPress Quiz Maker plugin <= 6.5.9.8 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Quiz Maker versions = 6.5.9.8...
CVE-2024-8617 Quiz Maker <= 6.5.9.8 - Admin+ Stored XSS
The Quiz Maker WordPress plugin before 6.5.9.9 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...