Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:16 a.m.4 views

CVE-2025-9294

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...

4.3CVSS5AI score0.00193EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/03/17 10:19 a.m.4 views

WordPress Tripetto plugin <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion vulnerability

Cross-Site Request Forgery to Arbitrary Results Deletion vulnerability discovered by Duc Manh in WordPress Plugin WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto versions = 8.0.9...

4.3CVSS8.7AI score0.00179EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/15 11:13 a.m.35 views

CVE-2025-1530 Tripetto <= 8.0.9 - Cross-Site Request Forgery to Arbitrary Results Deletion

The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 8.0.9. This is due to missing nonce validation. This makes it possible for unauthenticated attackers to delete arbitrary results via a forged request granted they can trick a site...

4.3CVSS0.00179EPSS
Exploits0References6
Patchstack
Patchstack
added 2024/04/15 1:8 p.m.5 views

WordPress NPS computy plugin < 2.7.6 - Results Deletion via CSRF vulnerability

Results Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin NPS computy versions 2.7.6...

8.8CVSS8.6AI score0.00365EPSS
Exploits2References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/03/25 12:0 a.m.15 views

NPS computy < 2.7.6 - Results Deletion via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks PoC Make a logged in admin open the following: The result is that all existing poll responses are deleted...

9.3AI score0.00365EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2024/03/25 12:0 a.m.136 views

NPS computy < 2.7.6 - Results Deletion via CSRF

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks Make a logged in admin open the following: The result is that all existing poll responses are deleted...

9.5AI score0.00365EPSS
Exploits2
CVE
CVE
added 2014/05/13 3:0 p.m.39 views

CVE-2013-4500

CVE-2013-4500 concerns the Drupal Quiz module (6.x-4.x) prior to 6.x-4.5. The root cause is insufficient access control: remote authenticated users with either "view any quiz results" or "view results for own quiz" permissions can delete arbitrary results via the delete option. Impact is denial o...

4.9CVSS6.6AI score0.01055EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder