Quiz Maker@* Security Vulnerabilities and Issues — Quiz Maker@* CVE List

Lucene search

Ays-proQuiz Maker*

3 matches found

CVE•added 2023/06/05 2:15 p.m.•45 views

CVE-2023-2571

The Quiz Maker WordPress plugin before 6.4.2.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin

6.1CVSS6.1AI score0.00121EPSS

CVE•added 2023/12/26 7:15 p.m.•23 views

CVE-2023-6166

The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting

6.1CVSS6.1AI score0.00117EPSS

CVE•added 2023/12/26 7:15 p.m.•21 views

CVE-2023-6155

The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the ays_quiz_author_user_search AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses.

5.3CVSS5.3AI score0.00594EPSS