Expresstech

expresstech

43 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Quiz And Survey Master

quiz_and_survey_master

Responsive Menu

responsive_menu

CVEs (43)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-11085 1Expresstech 1Quiz And Survey Master Nov 21, 2024 Aug 16, 2020 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside o...Show more php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.Show less
CVE-2019-17599 1Expresstech 1Quiz And Survey Master Nov 21, 2024 Dec 13, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from...Show more The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via the from or till parameter (and/or the quiz_id parameter). The component is: admin/quiz-options-page.php. The attack vector is: When the Administrator is logged in, a reflected XSS may execute upon a click on a malicious URL.Show less
CVE-2017-18513 1Expresstech 1Responsive Menu Nov 21, 2024 Aug 14, 2019 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.