Vulnerabilities > Expresstech > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-09 CVE-2023-0291 Unspecified vulnerability in Expresstech Quiz and Survey Master
The Quiz And Survey Master for WordPress is vulnerable to authorization bypass due to a missing capability check on the function associated with the qsm_remove_file_fd_question AJAX action in versions up to, and including, 8.0.8.
network
low complexity
expresstech
critical
9.1
2022-11-18 CVE-2022-41652 Unspecified vulnerability in Expresstech Quiz and Survey Master
Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
network
low complexity
expresstech
critical
9.8