Quiz And Survey Master Security Vulnerabilities and Issues — Quiz And Survey Master CVE List

Lucene search

ExpresstechQuiz And Survey Master

4 matches found

CVE•added 2024/12/13 3:15 p.m.•38 views

CVE-2023-37984

Missing Authorization vulnerability in ExpressTech Quiz And Survey Master allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through 8.1.10.

4.3CVSS4.7AI score0.00091EPSS

CVE•added 2024/08/26 6:15 a.m.•36 views

CVE-2024-6879

The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allows contributor and above roles to perform Stored Cross-Site Scripting (XSS) attacks.

4.7CVSS5.3AI score0.00032EPSS

CVE•added 2024/09/23 6:15 a.m.•35 views

CVE-2024-8758

The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setu...

4.8CVSS4.9AI score0.00064EPSS

CVE•added 2021/10/11 11:15 a.m.•34 views

CVE-2021-24691

The Quiz And Survey Master WordPress plugin before 7.3.2 does not escape the Quiz Url Slug setting before outputting it in some pages, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

4.8CVSS4.7AI score0.00282EPSS