Kibokolabs Watu_quiz

12 CVEs affecting Kibokolabs Watu_quiz. Latest disclosed: 2025-04-22. Critical: 0, High: 4.

Top CVEs affecting Kibokolabs Watu_quiz
CVESeverityScorePublishedSummary
CVE-2024-53792High8.52024-12-02Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affect…
CVE-2025-46242High7.62025-04-22Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affect…
CVE-2025-30844High7.12025-04-01Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Watu Quiz watu allows Reflected XSS.This issue affect…
CVE-2023-30483High7.12023-08-14Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.
CVE-2024-0873Medium6.42024-04-09The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'watu-basic-chart' shortcode in all versions up to, and includ…
CVE-2015-10111Medium6.32023-06-04A vulnerability was found in Watu Quiz Plugin up to 2.6.7 on WordPress. It has been rated as critical. This issue affects the function watu_exams of the file c…
CVE-2023-0968Medium6.12023-03-03The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, an…
CVE-2023-0428Medium6.12023-02-21The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site…
CVE-2023-25022Medium5.92023-04-07Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.8 versions.
CVE-2024-2640Medium5.42024-07-12The Watu Quiz WordPress plugin before 3.4.1.2 does not sanitise and escape some of its settings, which could allow users such as authors (if they've been autho…
CVE-2023-0429Medium4.82023-02-21The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfor…
CVE-2024-0872Medium4.32024-04-09The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode…