Quiz And Survey Master Security Vulnerabilities and Issues — Quiz And Survey Master CVE List

Lucene search

ExpresstechQuiz And Survey Master

13 matches found

CVE•added 2022/10/28 6:15 p.m.•59 views

CVE-2021-36864

Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin

5.4CVSS4.5AI score0.00045EPSS

CVE•added 2022/11/18 7:15 p.m.•59 views

CVE-2022-41652

Bypass vulnerability in Quiz And Survey Master plugin

9.8CVSS7.9AI score0.00043EPSS

CVE•added 2022/10/28 6:15 p.m.•55 views

CVE-2021-36898

Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin

9.1CVSS7.6AI score0.00181EPSS

CVE•added 2022/11/18 11:15 p.m.•55 views

CVE-2022-42883

Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin

7.5CVSS6.1AI score0.00392EPSS

CVE•added 2022/10/28 4:15 p.m.•54 views

CVE-2021-36863

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin

5.4CVSS5.2AI score0.00085EPSS

CVE•added 2022/11/03 8:15 p.m.•54 views

CVE-2021-36906

Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin

8.8CVSS6.5AI score0.00057EPSS

CVE•added 2022/01/17 10:15 a.m.•50 views

CVE-2022-0181

Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors.

6.1CVSS5.9AI score0.00668EPSS

CVE•added 2022/11/29 9:15 p.m.•49 views

CVE-2022-4032

The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input sanitization and output escaping that allowed iframe tags to be injected. This makes it possible for unauthenticated a...

7.2CVSS6.3AI score0.00767EPSS

CVE•added 2022/11/18 11:15 p.m.•47 views

CVE-2022-40698

Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin

6.1CVSS5.6AI score0.00109EPSS

CVE•added 2022/01/17 10:15 a.m.•46 views

CVE-2022-0182

Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master.

5.4CVSS5AI score0.00453EPSS

CVE•added 2022/01/17 10:15 a.m.•44 views

CVE-2022-0180

Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page.

8.8CVSS8.8AI score0.00159EPSS

CVE•added 2022/11/17 11:15 p.m.•43 views

CVE-2021-36905

Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin

5.4CVSS5.4AI score0.00068EPSS

CVE•added 2022/11/29 9:15 p.m.•41 views

CVE-2022-4033

The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number, file path, et...

5.3CVSS5.1AI score0.00055EPSS