GHSA-84r3-5rj8-grqq
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
The Quiz and Survey Master (QSM) WordPress plugin before 9.0.2 does not validate and escape some of its Quiz fields before outputting them back in a page/post where the Quiz is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: July 7, 2025 6:28 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.