Kibokolabs Watu_quiz
12 CVEs affecting Kibokolabs Watu_quiz. Latest disclosed: 2025-04-22. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-53792 | High | 8.5 | 2024-12-02 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affect… |
CVE-2025-46242 | High | 7.6 | 2025-04-22 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affect… |
CVE-2025-30844 | High | 7.1 | 2025-04-01 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Watu Quiz watu allows Reflected XSS.This issue affect… |
CVE-2023-30483 | High | 7.1 | 2023-08-14 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions. |
CVE-2024-0873 | Medium | 6.4 | 2024-04-09 | The Watu Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'watu-basic-chart' shortcode in all versions up to, and includ… |
CVE-2015-10111 | Medium | 6.3 | 2023-06-04 | A vulnerability was found in Watu Quiz Plugin up to 2.6.7 on WordPress. It has been rated as critical. This issue affects the function watu_exams of the file c… |
CVE-2023-0968 | Medium | 6.1 | 2023-03-03 | The Watu Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘dn’, 'email', 'points', and 'date' parameters in versions up to, an… |
CVE-2023-0428 | Medium | 6.1 | 2023-02-21 | The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site… |
CVE-2023-25022 | Medium | 5.9 | 2023-04-07 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.8 versions. |
CVE-2024-2640 | Medium | 5.4 | 2024-07-12 | The Watu Quiz WordPress plugin before 3.4.1.2 does not sanitise and escape some of its settings, which could allow users such as authors (if they've been autho… |
CVE-2023-0429 | Medium | 4.8 | 2023-02-21 | The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfor… |
CVE-2024-0872 | Medium | 4.3 | 2024-04-09 | The Watu Quiz plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.1 via the watu-userinfo shortcode… |