What is CVE-2020-35951?

CVE-2020-35951 is a critical-severity vulnerability in N/a. CVSS score: 9.9/10. Published 2021-01-01.

How severe is CVE-2020-35951?

Critical severity. CVSS v3 base score is 9.9 out of 10.

Is CVE-2020-35951 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2020-35951

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall w…

EPSS: 0.582 (98.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.9 (Critical). Vector: CVSS:3.1/AC:L/AV:N/A:H/C:L/I:L/PR:N/S:C/UI:N.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

www.wordfence.com/blog/2020/08/critical-vulnerabilities-patched-in-quiz-and-sur… (x_refsource_MISC)
wpscan.com/vulnerability/10348 (x_refsource_MISC)

Frequently asked questions

What is CVE-2020-35951?: CVE-2020-35951 is a critical-severity vulnerability in N/a. CVSS score: 9.9/10. Published 2021-01-01.
How severe is CVE-2020-35951?: Critical severity. CVSS v3 base score is 9.9 out of 10.
Is CVE-2020-35951 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.