Lucene search
WPScanVULNRICHMENT:CVE-2024-6025HistoryJul 11, 2024 - 6:00 a.m.
CVE-2024-6025 Quiz and Survey Master < 9.0.5 - Contributor+ Stored XSS
2024-07-1106:00:04
WPScan
github.com
3
cve-2024-6025
quiz and survey master
stored xss
AI Score
5.9
Confidence
High
EPSS
0
Percentile
14.3%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:*"
],
"vendor": "expresstech",
"product": "quiz_and_survey_master",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "9.0.5",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]Related
osv
osv
CVE-2024-6025
2024-07-11 06:15:02
cvelist
cvelist
CVE-2024-6025 Quiz and Survey Master < 9.0.5 - Contributor+ Stored XSS
2024-07-11 06:00:04
cve
cve
CVE-2024-6025
2024-07-11 06:15:02
nvd
nvd
CVE-2024-6025
2024-07-11 06:15:02
wordfence
wordfence
AI Score
5.9
Confidence
High
EPSS
0
Percentile
14.3%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-6025