Vulnerabilities > Kibokolabs > Chained Quiz > 1.1.8.1

DATE CVE VULNERABILITY TITLE RISK
2022-12-02 CVE-2022-4217 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'api_key' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping.
network
low complexity
kibokolabs
4.8
4.8
2022-12-02 CVE-2022-4218 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4.
network
low complexity
kibokolabs
4.3
4.3
2022-12-02 CVE-2022-4219 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4.
network
low complexity
kibokolabs
4.3
4.3
2022-12-02 CVE-2022-4220 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4.
network
low complexity
kibokolabs
4.3
4.3
2021-10-11 CVE-2021-24690 Cross-site Scripting vulnerability in Kibokolabs Chained Quiz
The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings.
network
kibokolabs CWE-79
3.5
3.5
2020-01-17 CVE-2020-7104 Cross-site Scripting vulnerability in Kibokolabs Chained Quiz 1.1.8.1
The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter.
network
kibokolabs CWE-79
4.3
4.3