Lucene search
K

2621 matches found

Nuclei
Nuclei
added 10 hours ago70 views

WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting

WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in...

6.1CVSS6.3AI score0.01252EPSS
Exploits3References5
Nuclei
Nuclei
added 13 hours ago26 views

Quiz and Survey Master <= 8.1.4 - SQL Injection

ExpressTech Quiz And Survey Master versions up to 8.1.4 contains an SQL injection caused by improper neutralization of special elements used in SQL commands, letting attackers execute arbitrary SQL queries, exploit requires user interaction. id: CVE-2023-28787 info: name: Quiz and Survey Master =...

9.3CVSS7.2AI score0.01977EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago39 views

CVE-2026-14706 code-projects Online Examination Quiz Creation Feature update.php sql injection

A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 6 days ago18 views

CVE-2026-14706

CVE-2026-14706 affects code-projects Online Examination 1.0, specifically the Quiz Creation Feature via /update.php?q=addquiz. The issue arises from manipulation of arguments name/total/right/wrong/time/tag/desc, leading to SQL injection. Remote attack possible; exploit publicly available (exploi...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-41727

A vulnerability was identified in code-projects Online Examination 1.0. This affects an unknown part of the file /update.php?q=addquiz of the component Quiz Creation Feature. The manipulation of the argument name/total/right/wrong/time/tag/desc leads to sql injection. The attack can be initiated...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 6 days ago12 views

PT-2026-55767

Name of the Vulnerable Software and Affected Versions code-projects Online Examination version 1.0 Description An issue exists in the Quiz Creation Feature within the file /update.php?q=addquiz. Remote attackers can perform SQL injection, a technique used to manipulate database queries, by...

6.5CVSS6.7AI score0.002EPSS
Exploits0References12
OSV
OSV
added 2026/07/03 1:33 p.m.2 views

MINI-QG3G-4F29-FG5H

Bulletin has no description...

7.5CVSS5.9AI score0.00394EPSS
Exploits0
NVD
NVD
added 2026/07/03 8:16 a.m.8 views

CVE-2026-9230

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00312EPSS
Exploits0References14
CVE
CVE
added 2026/07/03 6:50 a.m.14 views

CVE-2026-9230

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress

4.3CVSS6AI score0.00312EPSS
Exploits0References14
EUVD
EUVD
added 2026/07/03 6:50 a.m.6 views

EUVD-2026-41513

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score0.00312EPSS
Exploits0References14
Cvelist
Cvelist
added 2026/07/03 6:50 a.m.40 views

CVE-2026-9230 Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute via Leaked Nonce from /quiz/structure

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00312EPSS
Exploits0References14
ATTACKERKB
ATTACKERKB
added 2026/07/03 6:50 a.m.4 views

CVE-2026-9230

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score0.00312EPSS
Exploits0References15
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55509

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker versions prior to 11.1.5 Description An authorization bypass exists because the plugin fails to properly verify if a user is authorized to perform specific actions. Authenticated attacker...

4.3CVSS5.8AI score0.00312EPSS
Exploits0References19
Patchstack
Patchstack
added 2026/07/02 6:30 p.m.6 views

WordPress Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Quiz Modification and Email Reroute vulnerability discovered by Kirasec in WordPress Plugin Quiz And Survey Master versions = 11.1.4...

4.3CVSS5.9AI score0.00312EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/27 8:16 a.m.12 views

CVE-2026-9233

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00272EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/06/27 6:50 a.m.33 views

CVE-2026-9233 Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via qsm_insert_quiz_template AJAX Action

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00272EPSS
Exploits0References12
CVE
CVE
added 2026/06/27 6:50 a.m.21 views

CVE-2026-9233

CVE-2026-9233 affects the WordPress plugin Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker up to version 11.1.4 . The root cause is an authorization bypass in the AJAX action qsm_insert_quiz_template , allowing authenticated users with contributor-level access and above to create, modif...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/06/27 6:50 a.m.9 views

CVE-2026-9233

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References13
EUVD
EUVD
added 2026/06/27 6:50 a.m.11 views

EUVD-2026-39952

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References12
NVD
NVD
added 2026/06/27 2:16 a.m.9 views

CVE-2026-13422

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdqvalidatenonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create ne...

4.3CVSS0.00179EPSS
Exploits0References16
Rows per page
Query Builder