Vulnerabilities > Slickquiz Project

DATE CVE VULNERABILITY TITLE RISK
2019-09-13 CVE-2019-12517 Cross-site Scripting vulnerability in Slickquiz Project Slickquiz 1.3.7.1
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress.
network
low complexity
slickquiz-project CWE-79
6.1
2019-09-13 CVE-2019-12516 SQL Injection vulnerability in Slickquiz Project Slickquiz 1.3.7.1
The slickquiz plugin through 1.3.7.1 for WordPress allows SQL Injection by Subscriber users, as demonstrated by a /wp-admin/admin.php?page=slickquiz-scores&id= or /wp-admin/admin.php?page=slickquiz-edit&id= or /wp-admin/admin.php?page=slickquiz-preview&id= URI.
network
low complexity
slickquiz-project CWE-89
8.8