Vulnerabilities (CVE)

Filtered by vendor Kibokolabs Subscribe
Filtered by product Chained Quiz
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-37446 1 Kibokolabs 1 Chained Quiz 2024-07-25 N/A 4.8 MEDIUM
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS.This issue affects Chained Quiz: from n/a through 1.3.2.8.
CVE-2023-25027 1 Kibokolabs 1 Chained Quiz 2024-02-04 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Chained Quiz plugin <= 1.3.2.5 versions.
CVE-2021-24690 1 Kibokolabs 1 Chained Quiz 2024-02-04 3.5 LOW 5.4 MEDIUM
The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings.
CVE-2018-14502 1 Kibokolabs 1 Chained Quiz 2024-02-04 7.5 HIGH 9.8 CRITICAL
controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters.
CVE-2020-7104 1 Kibokolabs 1 Chained Quiz 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter.
CVE-2016-10892 1 Kibokolabs 1 Chained Quiz 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues.