The Quiz And Survey Master WordPress plugin before 8.1.11 does not properly sanitize and escape question titles, which could allow users with the Contributor role and above to perform Stored Cross-Site Scripting attacks
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/6f884688-2c0d-4844-bd31-ef7085edf112 | Exploit Third Party Advisory |
https://www.onvio.nl/nieuws/research-day-discovering-vulnerabilities-in-wordpress-plugins | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-08-07T14:31:20.665Z
Updated: 2023-10-11T08:42:41.211Z
Reserved: 2023-07-10T09:02:10.344Z
Link: CVE-2023-3575
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-07T15:15:11.460
Modified: 2023-11-07T04:19:05.260
Link: CVE-2023-3575
JSON object: View
Redhat Information
No data.
CWE
No CWE.