Quiz And Survey Master Security Vulnerabilities and Issues — Quiz And Survey Master CVE List

Lucene search

ExpresstechQuiz And Survey Master

6 matches found

CVE•added 2021/01/01 4:15 a.m.•85 views

CVE-2020-35951

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred ...

9.9CVSS9.3AI score0.55369EPSS

CVE•added 2022/11/18 7:15 p.m.•59 views

CVE-2022-41652

Bypass vulnerability in Quiz And Survey Master plugin

9.8CVSS7.9AI score0.00043EPSS

CVE•added 2022/10/28 6:15 p.m.•55 views

CVE-2021-36898

Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin

9.1CVSS7.6AI score0.00181EPSS

CVE•added 2024/06/07 6:15 a.m.•51 views

CVE-2024-3592

The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'question_id' parameter in all versions up to, and including, 9.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation...

9.9CVSS8.1AI score0.00422EPSS

CVE•added 2024/03/26 9:15 p.m.•43 views

CVE-2023-28787

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4.

9.3CVSS9.7AI score0.00103EPSS

CVE•added 2023/06/09 6:15 a.m.•36 views

CVE-2023-0291

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove_file_fd_question AJAX action in versions up to, and including, 8.0.8. This makes it possible for unauthenticated attackers to delete arbitr...

9.1CVSS9AI score0.00081EPSS