14 matches found
CVE-2025-67976
CVE-2025-67976 describes a Missing Authorization vulnerability in Watu Quiz for WordPress, exploitable via incorrectly configured access control. Affected: Watu Quiz versions up to 3.4.5 (range shown as n/a through
WordPress Watu Quiz plugin <= 3.4.4 - Unauthenticated Stored Cross-Site Scripting via HTTP Referer vulnerability
Unauthenticated Stored Cross-Site Scripting via HTTP Referer vulnerability discovered by Naoya Takahashi nakko in WordPress Plugin Watu Quiz versions = 3.4.4...
CVE-2025-46242 WordPress Watu Quiz plugin <= 3.4.3 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affects Watu Quiz: from n/a through = 3.4.3...
CVE-2025-46242
CVE-2025-46242 — WordPress Watu Quiz plugin <= 3.4.3 SQL Injection Root cause: Improper neutralization of special elements used in SQL commands in Watu Quiz (WordPress plugin). The vulnerability enables SQL Injection in versions up to 3.4.3. Impact: Potential unauthorized access or data manipu...
WordPress Watu Quiz Plugin < 3.4.1.2 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions 3.4.1.2 Fixed in 3.4.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2640 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 617bfa58ba67 Credits Eunho Kim Required privilege...
WordPress Watu Quiz Plugin <= 3.4.1 is vulnerable to Sensitive Data Exposure
Software Watu Quiz Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.1.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-0872 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 458d166de345 Credits Lucio Sá Required privilege...
WordPress Watu Quiz Plugin <= 3.4.1 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0873 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd9c2f3d3e10 Credits Lucio Sá Required privilege...
WordPress Watu Quiz Plugin <= 3.3.9.2 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions = 3.3.9.2 Fixed in 3.3.9.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30483 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 28220b6a7407 Credits Skalucy Required...
CVE-2023-25022 WordPress Watu Quiz Plugin <= 3.3.8 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Kiboko Labs Watu Quiz plugin = 3.3.8 versions...
WordPress Watu Quiz Plugin <= 3.3.9 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions = 3.3.9 Fixed in 3.3.9.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0968 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID f8e4b6a3eab0 Credits Marco Wotschka Required...
WordPress Watu Quiz Plugin <= 3.3.8 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions = 3.3.8 Fixed in 3.3.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25022 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e168b8672ecd Credits yuyudhn Required privilege...
WordPress Watu Quiz Plugin < 3.3.8.2 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions 3.3.8.2 Fixed in 3.3.8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0428 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 65a196ce52fa Credits Felipe Restrepo Rodriguez...
WordPress Watu Quiz Plugin < 3.3.8.3 is vulnerable to Cross Site Scripting (XSS)
Software Watu Quiz Type Plugin Vulnerable versions 3.3.8.3 Fixed in 3.3.8.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0429 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5337ca5b2dc2 Credits Felipe Restrepo Rodriguez...
WordPress Watu Quiz plugin <= 3.1.2.5 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability found in WordPress Watu Quiz plugin version = 3.1.2.5. Solution Update the WordPress Watu Quiz plugin to the latest available version at least 3.1.2.6...