EUVD-2015-9229

Malware in sbrugna...

EUVD-2015-9226

Malware in sbrugna...

EUVD-2015-9227

Malware in sbrugna...

CVE-2015-9387

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF...

CVE-2015-9386

The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation...

CVE-2022-2410

The mTouch Quiz WordPress plugin through 3.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress mtouch-quiz plugin cross-site request forgery vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. mtouch-quiz is a multiple choice quiz plugin used in it. A cross-site request forgery vulnerability exists in WordPress mtouch-quiz...

Cross site request forgery (csrf)

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS...

CVE-2015-9387

The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF...

WordPress mTouch Quiz Plugin <= 3.1.2 - Multiple Vulnerabilities

This plugin is prone to a cross site scripting and cross site request forgery vulnerabilities. Solution Update the plugin...

CVE-2014-100023

Multiple cross-site scripting XSS vulnerabilities in question.php in the mTouch Quiz before 3.0.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the quiz parameter to wp-admin/edit.php...

WordPress mTouch Quiz Plugin <= 3.0.6 - Multiple XSS

Because of these vulnerabilities in question.php, the attackers can inject arbitrary web script or HTML via the "quiz" parameter to wp-admin/edit.php. Solution Update the plugin...