Kibokolabs

Chained Quiz

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2022-4215

Exploit
  • EPSS 2.49%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:48

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This m...

6.1

CVE-2022-4213

  • EPSS 3.78%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:48

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dn' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This mak...

6.1

CVE-2022-4212

Exploit
  • EPSS 1.81%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:48

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ipf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This make...

6.1

CVE-2022-4211

Exploit
  • EPSS 1.82%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:47

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'emailf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This m...

6.1

CVE-2022-4210

Exploit
  • EPSS 1.82%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:47

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'dnf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This make...

6.1

CVE-2022-4209

Exploit
  • EPSS 1.81%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:47

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'pointsf' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This ...

6.1

CVE-2022-4208

Exploit
  • EPSS 1.97%
  • Veröffentlicht 02.12.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:34:47

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'datef' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This ma...

5.4

CVE-2021-24690

Exploit
  • EPSS 0.18%
  • Veröffentlicht 11.10.2021 11:15:09
  • Zuletzt bearbeitet 21.11.2024 05:53:34

The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings.

9.8

CVE-2018-14502

Exploit
  • EPSS 4.48%
  • Veröffentlicht 10.03.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 03:49:12

controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters.

6.1

CVE-2020-7104

Exploit
  • EPSS 2.61%
  • Veröffentlicht 17.01.2020 23:15:13
  • Zuletzt bearbeitet 21.11.2024 05:36:38

The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter.