The Quiz and Survey Master (QSM) WordPress plugin before 9.1.0 does not properly sanitise and escape some of its Quizz settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2024-08-03T06:00:05.411Z

Updated: 2024-08-05T14:09:05.215Z

Reserved: 2024-06-27T15:26:42.489Z

Link: CVE-2024-6390

cve-icon Vulnrichment

Updated: 2024-08-05T14:08:04.813Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-03T06:16:29.320

Modified: 2024-08-05T14:35:08.267

Link: CVE-2024-6390

cve-icon Redhat

No data.