CVE-2021-24368
Expert Analysis
Professional remediation guidance
Get tailored security recommendations from our analyst team for CVE-2021-24368. We'll provide specific mitigation strategies based on your environment and risk profile.
Description
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This could allow for privilege escalation by inducing a logged in admin to open a malicious link
Available Exploits
Related News
Affected Products
WordPress Vulnerability
Identified and analyzed by Wordfence
Software Type
Patch Status
Published
Software Details
Software Name
Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker
Software Slug
quiz-master-next
Affected Versions
Patched Versions
Remediation
Update to version 7.1.18, or a newer patched version
© Defiant Inc. Data provided by Wordfence.
GitHub Security Advisories
Community-driven vulnerability intelligence from GitHub
Advisory Details
CVSS Scoring
CVSS Score
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: April 4, 2024