52 matches found
EUVD-2015-9228
Malware in sbrugna...
EUVD-2015-9229
Malware in sbrugna...
EUVD-2015-9226
Malware in sbrugna...
EUVD-2014-1054
Malware in sbrugna...
EUVD-2015-9227
Malware in sbrugna...
EUVD-2014-1053
Malware in sbrugna...
CVE-2015-9387
The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF...
CVE-2015-9389
The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name...
CVE-2015-9388
The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS...
CVE-2015-9386
The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation...
CVE-2022-2410
The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-2410
The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-2410
The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2022-2410
CVE-2022-2410 affects the WordPress mTouch Quiz plugin up to version 3.1.3. The issue is due to insufficient sanitization/escaping of certain settings, enabling Stored XSS when unfiltered_html is disallowed (e.g., multisite). Affected component: plugin settings handling; root cause: lack of input...
CVE-2022-2410 mTouch Quiz <= 3.1.3 - Admin+ Stored Cross Site Scripting
The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2022-16462 · WordPress · Mtouch-Quiz
Name of the Vulnerable Software and Affected Versions: mTouch Quiz WordPress plugin versions 3.1.3 and earlier Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks when the unfiltered html capability is disallowed, for example in a...
WordPress plugin mTouch Quiz 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
mTouch Quiz <= 3.1.3 - Admin+ Stored Cross Site Scripting
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in any of the delimiter...
WordPress mTouch Quiz plugin <= 3.1.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Vinay Varma Mudunuri and Krishna Harsha Kondaveeti in WordPress mTouch Quiz plugin versions = 3.1.3. Solution Deactivate and delete. This plugin has been closed as of July 14, 2022 and is not available for download. This...