Vulnerabilities > Kibokolabs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-11 | CVE-2021-24690 | Cross-site Scripting vulnerability in Kibokolabs Chained Quiz The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings. | 3.5 |
| 2021-09-10 | CVE-2021-38358 | Cross-site Scripting vulnerability in Kibokolabs Moolamojo 0.7.4.1 The MoolaMojo WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the classes parameter found in the ~/views/button-generator.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.4.1. | 4.3 |
| 2021-09-09 | CVE-2021-38317 | Cross-site Scripting vulnerability in Kibokolabs Konnichiwa The Konnichiwa! Membership WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the plan_id parameter in the ~/views/subscriptions.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.8.3. | 4.3 |
| 2020-03-10 | CVE-2018-14502 | SQL Injection vulnerability in Kibokolabs Chained Quiz controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters. | 7.5 |
| 2020-01-17 | CVE-2020-7104 | Cross-site Scripting vulnerability in Kibokolabs Chained Quiz 1.1.8.1 The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter. | 4.3 |
| 2019-09-26 | CVE-2015-9418 | Cross-Site Request Forgery (CSRF) vulnerability in Kibokolabs Watupro The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes. | 5.8 |
| 2019-08-20 | CVE-2016-10892 | Cross-site Scripting vulnerability in Kibokolabs Chained Quiz The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues. | 4.3 |
| 2019-05-27 | CVE-2019-12345 | Cross-site Scripting vulnerability in Kibokolabs Hostel XSS exists in the Kiboko Hostel plugin before 1.1.4 for WordPress. | 4.3 |
| 2018-12-03 | CVE-2018-1002009 | Cross-site Scripting vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.8 There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. | 3.5 |
| 2018-12-03 | CVE-2018-1002008 | Cross-site Scripting vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.8 There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. | 3.5 |