Expresstech

Quiz And Survey Master

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2026-5797

  • EPSS 0.03%
  • Veröffentlicht 17.04.2026 06:16:30
  • Zuletzt bearbeitet 17.04.2026 06:16:30

The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution of do_shortcode() on user-submitted quiz answer te...

6.5

CVE-2026-2412

  • EPSS 0.03%
  • Veröffentlicht 23.03.2026 22:25:39
  • Zuletzt bearbeitet 24.03.2026 15:53:48

The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' parameter in all versions up to, and including, 10.3.5. This is due to insufficient sanitization of user-supplied input before being used i...

8.5

CVE-2025-67987

  • EPSS 0.04%
  • Veröffentlicht 20.02.2026 15:46:31
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through <= 10.3...

4.3

CVE-2026-25329

  • EPSS 0.03%
  • Veröffentlicht 19.02.2026 08:26:56
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.4.

5.3

CVE-2026-25324

  • EPSS 0.04%
  • Veröffentlicht 19.02.2026 08:26:56
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Authorization Bypass Through User-Controlled Key vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a ...

8.8

CVE-2026-24358

  • EPSS 0.06%
  • Veröffentlicht 22.01.2026 16:52:44
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.3.

6.5

CVE-2025-9318

  • EPSS 0.04%
  • Veröffentlicht 06.01.2026 09:20:59
  • Zuletzt bearbeitet 09.01.2026 13:24:30

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based SQL Injection via the ‘is_linking’ parameter in all versions up to, and including, 10.3.1 due to insufficient escaping on the user supplied...

6.5

CVE-2025-9637

  • EPSS 0.1%
  • Veröffentlicht 06.01.2026 09:20:58
  • Zuletzt bearbeitet 09.01.2026 13:25:57

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including,...

4.3

CVE-2025-9294

  • EPSS 0.04%
  • Veröffentlicht 06.01.2026 08:21:49
  • Zuletzt bearbeitet 08.04.2026 18:25:26

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsm_dashboard_delete_result function in all versions up to, and including, 10.3.1. ...

5.3

CVE-2025-63054

  • EPSS 0.05%
  • Veröffentlicht 09.12.2025 14:52:32
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.2.