CVE-2026-2384
The CVE-2026-2384 entry documents a Stored Cross-Site Scripting (SXS) vulnerability in the WordPress Quiz Maker plugin (versions up to and including 6.7.1.7) exploited via the vc_quizmaker shortcode. Impact requires authenticated access (Contributor+); the flaw stems from insufficient input sanit...