Quiz And Survey Master Security Vulnerabilities and Issues — Quiz And Survey Master CVE List

Lucene search

ExpresstechQuiz And Survey Master

3 matches found

CVE•added 2024/07/01 6:15 a.m.•45 views

CVE-2024-4934

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 does not validate and escape some of its Quiz fields before outputting them back in a page/post where the Quiz is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

5.5CVSS5.5AI score0.00027EPSS

CVE•added 2024/07/02 6:15 a.m.•45 views

CVE-2024-5606

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 is vulnerable does not validate and escape the question_id parameter in the qsm_bulk_delete_question_from_database AJAX action, leading to a SQL injection exploitable by Contributors and above role

8.8CVSS9AI score0.00053EPSS

CVE•added 2024/07/11 6:15 a.m.•36 views

CVE-2024-6025

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks

6.5CVSS5.4AI score0.00037EPSS