Vulnerabilities > Expresstech > Quiz AND Survey Master > 5.1.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-12 | CVE-2021-24221 | SQL Injection vulnerability in Expresstech Quiz and Survey Master The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin before 7.1.12 did not sanitise the result_id GET parameter on pages with the [qsm_result] shortcode without id attribute, concatenating it in a SQL statement and leading to an SQL injection. | 8.8 |
2021-01-01 | CVE-2020-35951 | Incorrect Authorization vulnerability in Expresstech Quiz and Survey Master An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. | 6.4 |
2021-01-01 | CVE-2020-35949 | Incorrect Permission Assignment for Critical Resource vulnerability in Expresstech Quiz and Survey Master An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. | 7.5 |
2019-12-13 | CVE-2019-17599 | Cross-site Scripting vulnerability in Expresstech Quiz and Survey Master The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5 for WordPress is affected by: Cross Site Scripting (XSS). | 4.3 |