Expresstech Quiz And Survey Master (Qsm) – Easy Quiz And Survey Maker
10 CVEs affecting Expresstech Quiz And Survey Master (Qsm) – Easy Quiz And Survey Maker. Latest disclosed: 2026-04-17. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3592 | Critical | 9.9 | 2024-06-07 | The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'question_id' paramete… |
CVE-2023-0291 | High | 7.2 | 2023-06-09 | The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove… |
CVE-2022-4032 | High | 7.2 | 2022-11-29 | The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due… |
CVE-2026-2412 | Medium | 6.5 | 2026-03-23 | The Quiz and Survey Master (QSM) plugin for WordPress is vulnerable to SQL Injection via the 'merged_question' parameter in all versions up to, and including… |
CVE-2025-9318 | Medium | 6.5 | 2026-01-06 | The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to time-based SQL Injection via the ‘is_linking’ parameter in… |
CVE-2025-9637 | Medium | 6.5 | 2026-01-06 | The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missi… |
CVE-2023-0292 | Medium | 5.4 | 2023-06-09 | The Quiz And Survey Master plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.0.8. This is due to missing non… |
CVE-2026-5797 | Medium | 5.3 | 2026-04-17 | The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is due to insuffici… |
CVE-2022-4033 | Medium | 5.3 | 2022-11-29 | The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0… |
CVE-2025-9294 | Medium | 4.3 | 2026-01-06 | The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check… |