Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80. This is due to the plugin exposing quiz answers through the ays_quiz
The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rate_reason' parameter in all versions up to, and including, 6.7.1.29 due to insufficient input sanitiz
The Quiz Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `vc_quizmaker` shortcode in all versions up to, and including, 6.7.1.7 due to insufficient input sanit
The Quiz Maker plugin for WordPress is vulnerable to SQL Injection via spoofed IP headers in all versions up to, and including, 6.7.0.56 due to insufficient escaping on the user supplied parameter and
The Easy Quiz Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wqt-question' shortcode in all versions up to, and including, 2.0 due to insufficient input sani
The Quiz Maker WordPress plugin before 6.5.9.9 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks ev
The AI Quiz | Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ai_quiz_update_style() f
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ays_save_google_credentials' function
The Ultimate Viral Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on thesave_opti
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized deletion of quiz question answers due to a missing capability check in the delete_question_answer() function of
The Quiz Maker WordPress plugin before 6.7.0.89 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks e
CVE-2026-4365
CRITICAL CVSS 9.1
Find Similar
The LearnPress plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the `delete_question_answer()` function in all versions up to, and including, 4.3.2
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 8.8.0 (Business), up to, and including,
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 8.8.0 (Business),
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.64.
The PressPrimer Quiz – AI Quiz Maker, Exam Builder & LMS Assessment Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.3.0 via the 'r
The Easy Flashcards plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1. This is due to missing or incorrect nonce validation on the 'ef_settings
The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ays_sections[5][questions][8][title]’ parameter in all versions up to, and including, 5.1.3.3 due to insuffi
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.82.
The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Survey fields in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escap
Page 1+ Next →