Expresstech

Quiz And Survey Master

51 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2023-51507

  • EPSS 0.21%
  • Veröffentlicht 14.06.2024 02:15:09
  • Zuletzt bearbeitet 21.11.2024 08:38:16

Missing Authorization vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.16.

6.5

CVE-2024-3592

  • EPSS 0.55%
  • Veröffentlicht 07.06.2024 06:15:10
  • Zuletzt bearbeitet 08.04.2026 19:21:23

The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'question_id' parameter in all versions up to, and including, 9.0.1 due to insufficient escaping on the user supp...

5.9

CVE-2024-27966

  • EPSS 0.12%
  • Veröffentlicht 11.04.2024 01:25:06
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master allows Stored XSS.This issue affects Quiz And Survey Master: from n/a through 8.2.2.

9.3

CVE-2023-28787

  • EPSS 32.01%
  • Veröffentlicht 26.03.2024 21:15:50
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.4.

5.4

CVE-2023-51521

  • EPSS 0.05%
  • Veröffentlicht 16.03.2024 01:15:50
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.18.

8.8

CVE-2023-26524

  • EPSS 0.07%
  • Veröffentlicht 13.11.2023 00:15:08
  • Zuletzt bearbeitet 21.11.2024 07:51:40

Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.10 versions.

5.4

CVE-2023-3575

Exploit
  • EPSS 0.15%
  • Veröffentlicht 07.08.2023 15:15:11
  • Zuletzt bearbeitet 23.04.2025 17:16:38

The Quiz And Survey Master WordPress plugin before 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks

8.1

CVE-2023-0292

Exploit
  • EPSS 0.42%
  • Veröffentlicht 09.06.2023 06:15:49
  • Zuletzt bearbeitet 08.04.2026 19:17:59

The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to missing nonce validation on the function associated with the qsm_remove_file_fd_question AJAX action. ...

9.1

CVE-2023-0291

  • EPSS 0.09%
  • Veröffentlicht 09.06.2023 06:15:48
  • Zuletzt bearbeitet 08.04.2026 18:17:41

The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove_file_fd_question AJAX action in versions up to, and including, 8.0.8. This makes it possib...

8.8

CVE-2022-46862

  • EPSS 0.17%
  • Veröffentlicht 14.02.2023 12:15:15
  • Zuletzt bearbeitet 21.11.2024 07:31:11

Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions.