CVE-2025-58675

CVE-2025-58675 : CSRF vulnerability in Interact: Embed A Quiz On Your Site. Affected software: Interact: Embed A Quiz On Your Site (from n/a through 3.1). From the description, the weakness is Cross-Site Request Forgery with network attack vector, low likelihood requirements, and user interaction...

CVE-2025-58675 WordPress Interact: Embed A Quiz On Your Site Plugin <= 3.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in tryinteract Interact: Embed A Quiz On Your Site interact-quiz-embed allows Cross Site Request Forgery.This issue affects Interact: Embed A Quiz On Your Site: from n/a through = 3.1...

WordPress plugin Interact Embed A Quiz On Your Site 跨站请求伪造漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers...

Malicious code in http-interact (PyPI)

--- -= Per source details. Do not edit below this line.=-...

VulnCheck KEV: CVE-2025-54782

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

Arbitrary Command Injection

Overview @nestjs/devtools-integration is a Nest - modern, fast, powerful node.js web framework @devtools-integration Affected versions of this package are vulnerable to Arbitrary Command Injection via the inspector/graph/interact endpoint, which accepts JSON input containing a code field and...

CVE-2025-54782 @nestjs/devtools-integration's CSRF to Sandbox Escape Allows for RCE against JS Developers

Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution RCE vulnerability was discovered in the @nestjs/devtools-integration package. When enabled, the package exposes a local development HTTP server with an API...

CVE-2023-41103

Interact 7.9.79.5 allows stored Cross-site Scripting XSS attacks in several locations, allowing an attacker to store a JavaScript payload...

CVE-2023-5659

The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'interact-quiz' shortcode in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Interact: Embed A Quiz On Your Site < 3.1 - Contributor+ Stored XSS

Description The plugin does not validate and escape some of its interact-quiz shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-5659

The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'interact-quiz' shortcode in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2023-5659

The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'interact-quiz' shortcode in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

CVE-2023-5659 Interact: Embed A Quiz On Your Site <= 3.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'interact-quiz' shortcode in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

PT-2023-32244 · WordPress · Interact: Embed A Quiz On Your Site

Name of the Vulnerable Software and Affected Versions: Interact: Embed A Quiz On Your Site plugin for WordPress versions up to, and including, 3.0.7 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the 'interact-quiz' shortcode...

CVE-2023-41103

Interact 7.9.79.5 allows stored Cross-site Scripting XSS attacks in several locations, allowing an attacker to store a JavaScript payload...

CVE-2023-41103

Interact 7.9.79.5 allows stored Cross-site Scripting XSS attacks in several locations, allowing an attacker to store a JavaScript payload...

Cross site scripting

Interact 7.9.79.5 allows stored Cross-site Scripting XSS attacks in several locations, allowing an attacker to store a JavaScript payload...

CVE-2023-41103

Interact 7.9.79.5 allows stored Cross-site Scripting XSS attacks in several locations, allowing an attacker to store a JavaScript payload...

Interact Cross-Site Scripting Vulnerability

Interact is a telecommuting software from Interact. A security vulnerability exists in Interact version 7.9.79.5. An attacker could exploit the vulnerability to store a JavaScript payload to perform a cross-site scripting attack...

CVE-2023-41103

Interact 7.9.79.5 allows stored Cross-site Scripting XSS attacks in several locations, allowing an attacker to store a JavaScript payload...