CVE-2026-24544
- EPSS 0.03%
- Veröffentlicht 23.01.2026 14:28:52
- Zuletzt bearbeitet 27.01.2026 17:16:13
Missing Authorization vulnerability in Harmonic Design HD Quiz hd-quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HD Quiz: from n/a through <= 2.0.9.
CVE-2024-13383
- EPSS 0.06%
- Veröffentlicht 15.05.2025 20:15:39
- Zuletzt bearbeitet 10.06.2025 13:11:27
The HD Quiz WordPress plugin before 2.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (f...
CVE-2024-22161
- EPSS 0.06%
- Veröffentlicht 31.01.2024 18:15:47
- Zuletzt bearbeitet 21.11.2024 08:55:42
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS.This issue affects HD Quiz: from n/a through 1.8.11.
CVE-2021-24571
- EPSS 0.18%
- Veröffentlicht 23.08.2021 12:15:10
- Zuletzt bearbeitet 21.11.2024 05:53:19
The HD Quiz WordPress plugin before 1.8.4 does not escape some of its Answers before outputting them in attribute when generating the Quiz, which could lead to Stored Cross-Site Scripting issues