Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress 6.4.12

  • Severity: medium-risk
  • Status: Fixed
  • Publication: July 29, 2020

The Quiz and Survey Master plugin for WordPress can be vulnerable to a type of security attack called ‘Stored Cross-Site Scripting’. This type of attack can occur in versions of the plugin up to and including 6.4.12. It can happen when someone with malicious intent is able to inject scripts into a page which can then run whenever someone visits the page. This happens because the plugin does not correctly sanitize the inputs it receives, nor does it escape the output properly.

Detected in:

Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress fixed vulnerable versions: >= * <= 6.4.12
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.