The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allows
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting
The Quiz and Survey Master (QSM) WordPress plugin before 9.1.0 does not properly sanitise and escape some of its Quizz settings, which could allow high privilege users such as contributor to perform
The Quiz and Survey Master (QSM) WordPress plugin before 9.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scr
The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scr
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multip
The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insufficient input sanitization and the execution
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based SQL Injection via the ‘is_linking’ parameter in all versions up to, and including, 10.3.1
The Quiz and Survey Master (QSM) WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a C
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsm_dashboard_delete_result funct
The WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpsurveypoll_results' shortcode in all vers
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'order' parameter in all versions up to, and including, 11.1.
The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stm_lms_courses_grid_display' shortcode in a
The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' parameter in all versions up to, and including, 10.3.5. This is due to insufficient sanit
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.0.0 versions.
Poll, Survey & Quiz Maker Plugin by Opinion Stage Wordpress plugin versions prior to 19.6.25 contain a stored cross-site scripting (XSS) vulnerability via multiple parameters due to insufficient input
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions.
The Qzzr Shortcode Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'qzzr' shortcode in all versions up to, and including, 1.0.1. This is due to insufficient input sanitizatio
The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'surveyfunnel_lite_survey' shortcode in all versions up to, and including, 1.1.
The Website Content in Page or Post WordPress plugin before 2024.04.09 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is e
Page 1+ Next →