Expresstech

Quiz And Survey Master

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-9637

  • EPSS 0.23%
  • Veröffentlicht 06.01.2026 09:20:58
  • Zuletzt bearbeitet 09.01.2026 13:25:57

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including,...

4.3

CVE-2025-9294

  • EPSS 0.19%
  • Veröffentlicht 06.01.2026 08:21:49
  • Zuletzt bearbeitet 08.04.2026 18:25:26

The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsm_dashboard_delete_result function in all versions up to, and including, 10.3.1. ...

5.3

CVE-2025-63054

  • EPSS 0.27%
  • Veröffentlicht 09.12.2025 14:52:32
  • Zuletzt bearbeitet 27.04.2026 19:16:19

Missing Authorization vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through <= 10.3.2.

9.8

CVE-2025-49401

  • EPSS 0.43%
  • Veröffentlicht 05.09.2025 16:15:40
  • Zuletzt bearbeitet 23.04.2026 15:31:36

Incorrect Privilege Assignment vulnerability in axiomthemes smart SEO smartSEO allows Privilege Escalation.This issue affects smart SEO: from n/a through <= 4.0.

8.5

CVE-2025-55708

  • EPSS 0.25%
  • Veröffentlicht 14.08.2025 18:21:34
  • Zuletzt bearbeitet 23.04.2026 15:32:56

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through <= 10.2...

6.1

CVE-2024-10679

Exploit
  • EPSS 0.29%
  • Veröffentlicht 25.03.2025 06:00:09
  • Zuletzt bearbeitet 06.05.2025 20:00:37

The Quiz and Survey Master (QSM) WordPress plugin before 9.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capab...

4.3

CVE-2023-37984

  • EPSS 0.38%
  • Veröffentlicht 13.12.2024 15:15:18
  • Zuletzt bearbeitet 28.04.2026 19:20:59

Missing Authorization vulnerability in ExpressTech Quiz And Survey Master allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quiz And Survey Master: from n/a through 8.1.10.

4.8

CVE-2024-8758

  • EPSS 0.36%
  • Veröffentlicht 23.09.2024 06:15:04
  • Zuletzt bearbeitet 07.10.2024 21:35:03

The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capab...

4.7

CVE-2024-6879

Exploit
  • EPSS 0.41%
  • Veröffentlicht 26.08.2024 06:15:04
  • Zuletzt bearbeitet 17.05.2025 02:09:38

The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allows contributor and above roles to perform Stored Cro...

5.9

CVE-2024-6390

Exploit
  • EPSS 0.31%
  • Veröffentlicht 03.08.2024 06:16:29
  • Zuletzt bearbeitet 06.06.2025 16:10:55

The Quiz and Survey Master (QSM) WordPress plugin before 9.1.0 does not properly sanitise and escape some of its Quizz settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks