Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-37446 | 1 Kibokolabs | 1 Chained Quiz | 2024-07-25 | N/A | 4.8 MEDIUM |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS.This issue affects Chained Quiz: from n/a through 1.3.2.8. | |||||
CVE-2023-25027 | 1 Kibokolabs | 1 Chained Quiz | 2024-02-04 | N/A | 4.8 MEDIUM |
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Chained Quiz plugin <= 1.3.2.5 versions. | |||||
CVE-2021-24690 | 1 Kibokolabs | 1 Chained Quiz | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings. | |||||
CVE-2018-14502 | 1 Kibokolabs | 1 Chained Quiz | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters. | |||||
CVE-2020-7104 | 1 Kibokolabs | 1 Chained Quiz | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter. | |||||
CVE-2016-10892 | 1 Kibokolabs | 1 Chained Quiz | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
The chained-quiz plugin before 1.0 for WordPress has multiple XSS issues. |