Metrics
Affected Vendors & Products
Mon, 07 Oct 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
ssvc
|
Fri, 27 Sep 2024 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Expresstech
Expresstech quiz And Survey Master |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:* | |
Vendors & Products |
Expresstech
Expresstech quiz And Survey Master |
|
Metrics |
cvssV3_1
|
Mon, 23 Sep 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 23 Sep 2024 06:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The Quiz and Survey Master (QSM) WordPress plugin before 9.1.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | |
Title | Quiz and Survey Master (QSM) < 9.1.3 - Author+ Stored XSS | |
References |
|
Status: PUBLISHED
Assigner: WPScan
Published: 2024-09-23T06:00:05.005Z
Updated: 2024-10-07T20:39:27.674Z
Reserved: 2024-09-12T18:04:20.275Z
Link: CVE-2024-8758
Updated: 2024-09-23T15:29:24.439Z
Status : Modified
Published: 2024-09-23T06:15:04.310
Modified: 2024-10-07T21:35:03.193
Link: CVE-2024-8758
No data.