Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress 8.1.15

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 12, 2023

The Quiz and Survey Master plugin for WordPress is vulnerable to a type of attack called Cross-Site Request Forgery. This means that someone could potentially trick an administrator of a website into clicking a link that would perform an action on the website without their knowledge. Versions of the plugin up to and including 8.1.15 did not have any protection against this. In version 8.1.15, a type of protection was added, but it only works when the request is sent using a specific method. This leaves the website vulnerable to attack.

Detected in:

Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress fixed vulnerable versions: >= * < 8.1.15
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.