Chained Quiz < 1.3.2.4 - Multiple Reflected Cross-Site Scripting

2022-12-0200:00:00

wpscan.com

0.001 Low

EPSS

Percentile

39.9%

JSON

The plugin does not sanitise and escape the ip and date parameters before outputting them back in the chainedquiz_list page, which could lead to reflected Cross-Site Scripting

CPENameOperatorVersion
chained-quizlt1.3.2.3

CPE	Name	Operator	Version
	chained-quiz	lt	1.3.2.3

0.001 Low

EPSS

Percentile

39.9%

JSON

Related for WPVDB-ID:B040DF63-6C2A-49C7-B416-E0F6EBB775A9