Expresstech

Quiz And Survey Master

54 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.9

CVE-2020-35951

Exploit
  • EPSS 76.33%
  • Veröffentlicht 01.01.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:28:35

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordP...

9.8

CVE-2020-35949

Exploit
  • EPSS 4.93%
  • Veröffentlicht 01.01.2021 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:28:35

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution. If a quiz question could be answered by uploading ...

6.5

CVE-2016-11085

Exploit
  • EPSS 1.02%
  • Veröffentlicht 16.08.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 02:45:27

php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.

6.1

CVE-2019-17599

Exploit
  • EPSS 1.66%
  • Veröffentlicht 13.12.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:32:36

The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the...