Quiz And Survey Master
by Expresstech
CVEs (30)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-40698 | 0.00 | — | 0.00 | Nov 18, 2022 | Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress. | |||
| CVE-2022-41652 | 0.00 | — | 0.01 | Nov 18, 2022 | Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress. | |||
| CVE-2021-36905 | 0.00 | — | 0.00 | Nov 17, 2022 | Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress. | |||
| CVE-2021-36906 | 0.00 | — | 0.01 | Nov 3, 2022 | Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress. | |||
| CVE-2021-36864 | 0.00 | — | 0.00 | Oct 28, 2022 | Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. | |||
| CVE-2021-36863 | 0.00 | — | 0.00 | Oct 28, 2022 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. | |||
| CVE-2021-36865 | 0.00 | — | 0.00 | Sep 30, 2022 | Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz. | |||
| CVE-2022-0182 | 0.00 | — | 0.01 | Jan 17, 2022 | Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master. | |||
| CVE-2022-0181 | 0.00 | — | 0.01 | Jan 17, 2022 | Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors. | |||
| CVE-2022-0180 | 0.00 | — | 0.01 | Jan 17, 2022 | Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page. |
- CVE-2022-40698Nov 18, 2022risk 0.00cvss —epss 0.00
Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
- CVE-2022-41652Nov 18, 2022risk 0.00cvss —epss 0.01
Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
- CVE-2021-36905Nov 17, 2022risk 0.00cvss —epss 0.00
Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress.
- CVE-2021-36906Nov 3, 2022risk 0.00cvss —epss 0.01
Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress.
- CVE-2021-36864Oct 28, 2022risk 0.00cvss —epss 0.00
Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress.
- CVE-2021-36863Oct 28, 2022risk 0.00cvss —epss 0.00
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress.
- CVE-2021-36865Sep 30, 2022risk 0.00cvss —epss 0.00
Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the content of the quiz.
- CVE-2022-0182Jan 17, 2022risk 0.00cvss —epss 0.01
Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master.
- CVE-2022-0181Jan 17, 2022risk 0.00cvss —epss 0.01
Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors.
- CVE-2022-0180Jan 17, 2022risk 0.00cvss —epss 0.01
Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page.
Page 2 of 2