Lucene search
K
Mtouch Quiz ProjectMtouch Quiz

7 matches found

CVE
CVE
added 2019/09/20 2:54 p.m.70 views

CVE-2015-9386

The CVE-2015-9386 entry concerns the mtouch-quiz WordPress plugin, affected in versions before 3.1.3. The provided documents describe an XSS vulnerability via the quiz parameter during a Quiz Manage operation. This is supported by multiple sources (NVD entry notes XSS in mtouch-quiz before 3.1.3;...

6.1CVSS6AI score0.0102EPSS
CVE
CVE
added 2019/09/20 2:57 p.m.67 views

CVE-2015-9389

CVE-2015-9389 affects the mTouch Quiz WordPress plugin prior to version 3.1.3 , with XSS via the quiz name . The vulnerability is described in multiple sources as a client‑side/script injection issue in the plugin’s quiz name field, enabling cross‑site scripting. The supplied connected documents ...

5.4CVSS5.3AI score0.00783EPSS
CVE
CVE
added 2022/08/08 1:49 p.m.67 views

CVE-2022-2410

CVE-2022-2410 affects the WordPress mTouch Quiz plugin up to version 3.1.3. The issue is due to insufficient sanitization/escaping of certain settings, enabling Stored XSS when unfiltered_html is disallowed (e.g., multisite). Affected component: plugin settings handling; root cause: lack of input...

4.8CVSS4.7AI score0.00493EPSS
CVE
CVE
added 2019/09/20 2:56 p.m.64 views

CVE-2015-9388

CVE-2015-9388 affects the WordPress mtouch-quiz plugin, specifically versions prior to 3.1.3. The vulnerability is a CSRF on wp-admin/edit.php that can result in cross-site scripting (XSS). Red Hat and NVD entries corroborate the issue. Impact is partial integrity compromise (per CVSS) with no co...

6.5CVSS6.6AI score0.00673EPSS
CVE
CVE
added 2019/09/20 2:54 p.m.52 views

CVE-2015-9387

The CVE-2015-9387 entry concerns the mTouch Quiz WordPress plugin prior to version 3.1.3. The root cause is a cross-site request forgery (CSRF) vulnerability in wp-admin/options-general.php, which could allow an attacker to induce an administrator’s browser to perform unwanted actions on the Word...

6.5CVSS6.6AI score0.00673EPSS
CVE
CVE
added 2015/01/13 3:0 p.m.50 views

CVE-2014-100022

The CVE-2014-100022 issue affects the WordPress plugin mTouch Quiz (WordPress plugin) specifically the 3.0.7-and-earlier versions. The vulnerability arises in the file question.php, where the quiz parameter passed to wp-admin/edit.php enables SQL injection due to improper input handling. This can...

7.5CVSS8.8AI score0.0234EPSS
Web
CVE
CVE
added 2015/01/13 3:0 p.m.45 views

CVE-2014-100023

CVE-2014-100023 affects the WordPress mTouch Quiz plugin (before 3.0.7). The vulnerability is a cross-site scripting (XSS) in question.php where the quiz parameter sent to wp-admin/edit.php can inject arbitrary script/HTML. Documented as reflected XSS in various sources; impact is remote attacker...

4.3CVSS6AI score0.02046EPSS
Web