EUVD-2026-39932

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce validation on the hdqvalidatenonce function. This makes it possible for unauthenticated attackers to delete or modify quizzes and questions, create ne...

EUVD-2026-27864

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...

CVE-2025-23724

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in oleksandr87 University Quizzes Online university-quizzes-online allows Reflected XSS.This issue affects University Quizzes Online: from n/a through = 1.4...

CVE-2025-9637

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticat...

CVE-2025-9637

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticat...

CVE-2025-9637

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticat...

WordPress Quiz and Survey Master (QSM) plugin <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads vulnerability

Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads vulnerability discovered by Rahul Sreenivasan Tr0j4n - Mobikwik in WordPress Plugin Quiz And Survey Master versions = 10.3.1...

CVE-2025-9637 Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticat...

CVE-2025-9637 Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticat...

CVE-2025-9637

CVE-2025-9637 (Quiz and Survey Master, QSM) Affected: Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker for WordPress, versions up to and including 10.3.1. Root cause: missing capability and status checks on multiple functions, enabling unauthenticated users to view unpublished/private/pa...

PT-2026-1430

Name of the Vulnerable Software and Affected Versions Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress versions prior to and including 10.3.1 Description The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is susceptible to unauthorized...

EUVD-2025-4044

Malicious code in bioql PyPI...

EUVD-2025-28360

Malicious code in bioql PyPI...

EUVD-2025-3372

Malicious code in bioql PyPI...

EUVD-2024-49877

Malicious code in bioql PyPI...

CVE-2025-50035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...

CVE-2025-50035

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...

CVE-2025-50035 WordPress Fyrebox Quizzes plugin <= 3.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyrilG Fyrebox Quizzes fyrebox-shortcode allows Stored XSS.This issue affects Fyrebox Quizzes: from n/a through = 3.1...

CVE-2025-50035

CVE-2025-50035 concerns WordPress plugin Fyrebox Quizzes (versions n/a through 3.0). Root cause: improper neutralization of input during web page generation, enabling Stored XSS. Affected software: CyrilG Fyrebox Quizzes (WordPress plugin). Impact as described: stored XSS vulnerability that could...

CVE-2025-50035 WordPress Fyrebox Quizzes plugin <= 3.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CyrilG Fyrebox Quizzes allows Stored XSS. This issue affects Fyrebox Quizzes: from n/a through 3.0...