Vulnerabilities > Kibokolabs > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-12-02 CVE-2022-4218 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4.
network
low complexity
kibokolabs
4.3
4.3
2022-12-02 CVE-2022-4219 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4.
network
low complexity
kibokolabs
4.3
4.3
2022-12-02 CVE-2022-4220 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.2.4.
network
low complexity
kibokolabs
4.3
4.3
2021-10-11 CVE-2021-24690 Unspecified vulnerability in Kibokolabs Chained Quiz
The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings.
network
low complexity
kibokolabs
5.4
5.4
2021-09-09 CVE-2021-38317 Cross-site Scripting vulnerability in Kibokolabs Konnichiwa
The Konnichiwa! Membership WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the plan_id parameter in the ~/views/subscriptions.html.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.8.3.
network
low complexity
kibokolabs CWE-79
6.1
6.1
2020-01-17 CVE-2020-7104 Cross-site Scripting vulnerability in Kibokolabs Chained Quiz 1.1.8.1
The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter.
network
low complexity
kibokolabs CWE-79
6.1
6.1
2019-09-26 CVE-2015-9418 Cross-Site Request Forgery (CSRF) vulnerability in Kibokolabs Watupro
The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.
network
low complexity
kibokolabs CWE-352
4.3
4.3
2019-08-20 CVE-2016-10892 Cross-site Scripting vulnerability in Kibokolabs Chained Quiz
The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues.
network
low complexity
kibokolabs CWE-79
6.1
6.1
2019-05-27 CVE-2019-12345 Cross-site Scripting vulnerability in Kibokolabs Hostel
XSS exists in the Kiboko Hostel plugin before 1.1.4 for WordPress.
network
low complexity
kibokolabs CWE-79
6.1
6.1
2018-12-03 CVE-2018-1002009 Cross-site Scripting vulnerability in Kibokolabs Arigato Autoresponder and Newsletter 2.5.1.8
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit.
network
low complexity
kibokolabs CWE-79
4.8
4.8