Expresstech Quiz And Survey Master (Wordpress Plugin)
9 CVEs affecting Expresstech Quiz And Survey Master (Wordpress Plugin). Latest disclosed: 2022-11-18. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-36898 | High | 7.5 | 2022-10-28 | Auth. SQL Injection (SQLi) vulnerability in Quiz And Survey Master plugin <= 7.3.4 on WordPress. |
CVE-2022-41652 | Medium | 6.5 | 2022-11-18 | Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress. |
CVE-2022-40698 | Medium | 5.4 | 2022-11-18 | Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress. |
CVE-2021-36905 | Medium | 5.4 | 2022-11-17 | Multiple Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerabilities in Quiz And Survey Master plugin <= 7.3.4 on WordPress. |
CVE-2021-36863 | Medium | 5.4 | 2022-10-28 | Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. |
CVE-2022-42883 | Medium | 5.3 | 2022-11-18 | Sensitive Information Disclosure vulnerability discovered by Quiz And Survey Master plugin <= 7.3.10 on WordPress. |
CVE-2021-36865 | Low | 3.8 | 2022-09-30 | Insecure direct object references (IDOR) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 at WordPress allows attackers to change the conten… |
CVE-2021-36864 | Low | 3.4 | 2022-10-28 | Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. |
CVE-2021-36906 | Low | 2.7 | 2022-11-03 | Multiple Insecure Direct Object References (IDOR) vulnerabilities in ExpressTech Quiz And Survey Master plugin <= 7.3.6 on WordPress. |