Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:expresstech:quiz_and_survey_master:9.0.4:*:*:*:*:wordpress:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-8758 |
The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). Published: September 23, 2024; 2:15:04 AM -0400 |
V4.0:(not available) V3.1: 4.8 MEDIUM V2.0:(not available) |
CVE-2024-6025 |
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks Published: July 11, 2024; 2:15:02 AM -0400 |
V4.0:(not available) V3.1: 5.4 MEDIUM V2.0:(not available) |