The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ays_quick_start() and add_question_rows() functions in all versions up to, and including, 6.5.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to create arbitrary quizzes.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Wordfence
Published: 2024-02-07T07:32:19.550Z
Updated: 2024-07-05T17:21:40.617Z
Reserved: 2024-01-30T18:01:54.576Z
Link: CVE-2024-1078
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-02-07T08:15:42.863
Modified: 2024-02-14T18:39:51.437
Link: CVE-2024-1078
JSON object: View
Redhat Information
No data.
CWE