CVE-2023-3575

Published: Aug 7, 2023Modified: Apr 23, 2025

5.4

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.3 / Impact: 2.7

Source: NVD

Description

The Quiz And Survey Master WordPress plugin before 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks

Affected (1)

Products: Expresstech: Quiz And Survey Master

Expresstech

1 product

Quiz And Survey Master

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Expresstech Quiz And Survey Master	Before 8.1.11

References (4)

https://wpscan.com/vulnerability/6f884688-2c0d-4844-bd31-ef7085edf112

Source: contact@wpscan.com

ExploitThird Party Advisory

https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins

Source: contact@wpscan.com

Exploit

https://wpscan.com/vulnerability/6f884688-2c0d-4844-bd31-ef7085edf112

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.