Moodle 4.2.x < 4.2.4 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...

WordPress plugin Survey Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Moodle 4.1.x < 4.1.7 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...

Moodle 4.0.x < 4.0.12 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...

Moodle 3.11.x < 3.11.18 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...

WordPress Survey Maker plugin <= 5.1.6.3 - Bypass vulnerability

Bypass vulnerability discovered by astra.r3verii in WordPress Plugin Survey Maker versions = 5.1.6.3...

WordPress Quiz and Survey Master (QSM) plugin < 9.2.1 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Quiz And Survey Master versions 9.2.1...

CVE-2024-10679

CVE-2024-10679 affects the Quiz and Survey Master (QSM) WordPress plugin prior to 9.2.1. The issue is stored Cross-Site Scripting caused by insufficient sanitization/escaping of certain settings, enabling high-privilege users (e.g., admins) to inject scripts even when unfiltered_html is disallowe...

CVE-2024-10679 Quiz and Survey Master (QSM) < 9.2.1 - Author+ Stored XSS

The Quiz and Survey Master QSM WordPress plugin before 9.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress plugin Quiz and Survey Master (QSM) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

wifi: wcn36xx: fix channel survey memory allocation size

...

Malicious code in gss.survey.application (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 213760c83aa3e5576abe366dc9948b4e76fae43fde4241bb04aed016bdc1313c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2259 Malicious code in gss.survey.application (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 213760c83aa3e5576abe366dc9948b4e76fae43fde4241bb04aed016bdc1313c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-1666

The Cookie banner plugin for WordPress – Cookiebot CMP by Usercentrics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the senduninstallsurvey function in all versions up to, and including, 4.4.1. This makes it possible for authenticate...

WordPress Cookiebot plugin <= 4.4.1 - Missing Authorization to Authenticated (Subscriber+) Survey Submission vulnerability

Missing Authorization to Authenticated Subscriber+ Survey Submission vulnerability discovered by Peter Thaleikis in WordPress Plugin Cookiebot versions = 4.4.1...

CVE-2025-23485

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richestsoft RS Survey rs-survey allows Reflected XSS.This issue affects RS Survey: from n/a through = 1.0...

CVE-2025-23485

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richestsoft RS Survey rs-survey allows Reflected XSS.This issue affects RS Survey: from n/a through = 1.0...

CVE-2025-23485 WordPress RS Survey plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richestsoft RS Survey allows Reflected XSS. This issue affects RS Survey: from n/a through 1.0...

CVE-2025-23485

CVE-2025-23485 concerns a reflected Cross-Site Scripting (XSS) in the WordPress RS Survey plugin (versions &lt;= 1.0). The issue arises from improper input neutralization during web page generation, enabling reflected XSS when handling user-supplied input. Affected product is the RS Survey plugin...

CVE-2025-23485 WordPress RS Survey plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richestsoft RS Survey rs-survey allows Reflected XSS.This issue affects RS Survey: from n/a through = 1.0...