CVE-2021-20792
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2021-20792. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vectors.
Available Exploits
WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting
WordPress Quiz and Survey Master plugin prior to 7.1.14 contains a cross-site scripting vulnerability which allows a remote attacker to inject arbitrary script via unspecified vectors.
References:
- https://wpscan.com/vulnerability/4deb3464-00ed-483b-8d91-f9dffe2d57cf
- https://quizandsurveymaster.com/
- https://jvn.jp/en/jp/JVN65388002/index.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-20792
- https://plugins.trac.wordpress.org/changeset?new=2503364%40quiz-master-next%2Ftrunk%2Fphp%2Fadmin%2Fquizzes-page.php&old=2490516%40quiz-master-next%2Ftrunk%2Fphp%2Fadmin%2Fquizzes-page.php
Related News
Affected Products
Affected Versions:
WordPress Vulnerability
Identified and analyzed by Wordfence
Software Type
Patch Status
Published
Software Details
Software Name
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
Software Slug
quiz-master-next
Affected Versions
Patched Versions
Remediation
Update to version 7.1.14, or a newer patched version
© Defiant Inc. Data provided by Wordfence.
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
References
Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022