Expresstech Quiz And Survey Master
12 CVEs affecting Expresstech Quiz And Survey Master. Latest disclosed: 2026-06-15. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-28787 | Critical | 9.3 | 2024-03-26 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Quiz And Survey Master.This issue affects Qui… |
CVE-2026-48867 | High | 7.1 | 2026-06-15 | Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions. |
CVE-2026-40787 | High | 7.1 | 2026-06-15 | Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.0.0 versions. |
CVE-2023-47834 | Medium | 6.5 | 2023-11-22 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master plugin <= 8.1.13 versi… |
CVE-2024-27966 | Medium | 5.9 | 2024-04-11 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master allows Stored XSS.This… |
CVE-2023-51521 | Medium | 5.4 | 2024-03-16 | Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.18. |
CVE-2023-51507 | Medium | 5.3 | 2024-06-14 | Missing Authorization vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.16. |
CVE-2023-37984 | Medium | 4.3 | 2024-12-13 | Missing Authorization vulnerability in ExpressTech Quiz And Survey Master allows Exploiting Incorrectly Configured Access Control Security Levels.This issue af… |
CVE-2022-0182 | | 2022-01-17 | Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary scrip… | |
CVE-2022-0181 | | 2022-01-17 | Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspe… | |
CVE-2022-0180 | | 2022-01-17 | Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of admi… | |
CVE-2021-20792 | | 2021-08-18 | Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vecto… |