Back to search
CVE-2024-6879
Published: Aug 26, 2024
Modified: Aug 28, 2024
PUBLISHED
Description
The Quiz and Survey Master (QSM) WordPress plugin before 9.1.1 fails to validate and escape certain Quiz fields before displaying them on a page or post where the Quiz is embedded, which could allows contributor and above roles to perform Stored Cross-Site Scripting (XSS) attacks.
| Vendor | Product | Versions |
|---|---|---|
Unknown | Quiz and Survey Master (QSM) | affected 0 - < 9.1.1 |
References
https://wpscan.com/vulnerability/4da0b318-03e7-409d-9b02-f108e4232c87/
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now