Lucene search
+L

3966 matches found

Cvelist
Cvelist
added yesterday24 views

CVE-2026-13767 Quiz and Survey Master (QSM) <= 11.2.0 - Authenticated (Custom+) SQL Injection via 'pages' Parameter

The Quiz Master Next plugin for WordPress is vulnerable to SQL Injection via stored quiz page data in versions up to, and including, 11.2.0. This is due to insufficient escaping on the user-supplied 'pages' parameter persisted by the qsmajaxsavepages AJAX handler sanitizetextfield only and lack o...

6.5CVSS0.00249EPSS
Exploits0References5
NVD
NVD
added 2026/07/06 5:16 a.m.10 views

CVE-2026-14792

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...

6.9CVSS0.00366EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/07/06 3:0 a.m.7 views

CVE-2026-14792

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...

6.9CVSS6.1AI score0.00366EPSS
Exploits0References9
EUVD
EUVD
added 2026/07/06 3:0 a.m.8 views

EUVD-2026-41803

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...

6.9CVSS5.5AI score0.00366EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 3:0 a.m.4 views

CVE-2026-14792 Formbricks Survey actions.ts access control

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...

6.9CVSS6.1AI score0.00366EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/07/06 3:0 a.m.35 views

CVE-2026-14792 Formbricks Survey actions.ts access control

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation leads to improper access controls. Remote exploitation of the attack is possible. Upgrading to...

6.9CVSS0.00366EPSS
Exploits0References8
CVE
CVE
added 2026/07/06 3:0 a.m.11 views

CVE-2026-14792

CVE-2026-14792 affects Formbricks 5.0.0, specifically the file apps/web/modules/survey/link/actions.ts within the Survey Handler component. The issue is improper access controls that enable remote exploitation. The advisory indicates upgrading to version 5.1.0-rc.1 fixes the vulnerability; patch ...

6.9CVSS6.1AI score0.00366EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.10 views

PT-2026-55855

Name of the Vulnerable Software and Affected Versions Formbricks version 5.0.0 Description Improper access controls exist within the Survey Handler component, specifically affecting a function in the apps/web/modules/survey/link/actions.ts file. This flaw allows for remote exploitation...

6.9CVSS6.7AI score0.00366EPSS
Exploits0References12
Cvelist
Cvelist
added 2026/07/03 6:50 a.m.40 views

CVE-2026-9230 Quiz and Survey Master (QSM) <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute via Leaked Nonce from /quiz/structure

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS0.00312EPSS
Exploits0References14
CVE
CVE
added 2026/07/03 6:50 a.m.16 views

CVE-2026-9230

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress

4.3CVSS6AI score0.00312EPSS
Exploits0References14
EUVD
EUVD
added 2026/07/03 6:50 a.m.8 views

EUVD-2026-41513

The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 11.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6AI score0.00312EPSS
Exploits0References14
Patchstack
Patchstack
added 2026/07/02 6:30 p.m.7 views

WordPress Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin <= 11.1.4 - Missing Authorization to Authenticated (Contributor+) Arbitrary Quiz Modification and Email Reroute vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Quiz Modification and Email Reroute vulnerability discovered by Kirasec in WordPress Plugin Quiz And Survey Master versions = 11.1.4...

4.3CVSS5.9AI score0.00312EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/07/02 12:17 p.m.4 views

CVE-2026-57361

Unauthenticated Cross Site Scripting XSS in Survey Maker = 5.2.2.5 versions...

7.1CVSS0.00191EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.18 views

CVE-2026-57361

The CVE-2026-57361 entry affects the WordPress Survey Maker plugin ≤ 5.2.2.5, describing an unauthenticated Cross-Site Scripting (XSS) vulnerability. The provided documents specify the vulnerable software and vulnerability type, but do not include technical details about the root cause, impact sp...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:15 a.m.36 views

CVE-2026-57361 WordPress Survey Maker plugin <= 5.2.2.5 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Survey Maker = 5.2.2.5 versions...

7.1CVSS0.00191EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 11:15 a.m.7 views

EUVD-2026-41360

Unauthenticated Cross Site Scripting XSS in Survey Maker = 5.2.2.5 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:15 a.m.8 views

CVE-2026-57361

Unauthenticated Cross Site Scripting XSS in Survey Maker = 5.2.2.5 versions...

7.1CVSS5.8AI score0.00191EPSS
Exploits0References2
NVD
NVD
added 2026/06/29 12:16 p.m.27 views

CVE-2026-13562

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS0.00445EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 11:15 a.m.7 views

EUVD-2026-40073

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS7.5AI score0.00445EPSS
Exploits0References5
CVE
CVE
added 2026/06/27 6:50 a.m.24 views

CVE-2026-9233

CVE-2026-9233 affects the WordPress plugin Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker up to version 11.1.4 . The root cause is an authorization bypass in the AJAX action qsm_insert_quiz_template , allowing authenticated users with contributor-level access and above to create, modif...

4.3CVSS5.9AI score0.00272EPSS
Exploits0References12
Rows per page
Query Builder