GCVE - cpe:2.3:a:expresstech:quiz_and_survey_master_–_best_quiz,_exam_and_survey_plugin_for

Approved changes feed: RSS · Atom

cpe:2.3:a:expresstech:quiz_and_survey_master_–_best_quiz,_exam_and_survey_plugin_for_wordpress:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Expresstech (`8cd29c90-9f0f-5fe0-b0c4-1df4572a401e`)
Product	Quiz And Survey Master – Best Quiz, Exam And Survey Plugin For Wordpress (`fbbad2f1-52c6-5b08-b702-f8f40902873e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-26524`	vulnerable	2026-06-08 05:57:39.880746	WordPress Quiz And Survey Master Plugin <= 8.0.10 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (4.3) Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.10 versions. Published: 2023-11-12T23:55:18.599Z Updated: 2026-04-28T16:08:12.376Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/quiz-master-next/wordpress-quiz-and-survey-master-plugin-8-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4033`	vulnerable	2026-06-08 05:51:36.590204	Quiz and Survey Master <= 8.0.4 - Improper Input Validation MEDIUM (5.3) The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number, file path, etc..). This makes it possible attackers to submit values other than the intended input type. Published: 2022-11-29T20:25:26.881Z Updated: 2026-04-08T17:11:57.352Z Open on db.gcve.eu Reference links https://www.wordfence.com/threat-intel/vulnerabilities/id/9f5cc779-c7de-42e6-a812-5c0539067b8c?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2801761%40quiz-master-next&new=2801761%40quiz-master-next&sfp_email=&sfph_mail= https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4033	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-46862`	vulnerable	2026-06-08 05:50:39.661608	WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) MEDIUM (4.3) Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.7 versions. Published: 2023-02-14T11:26:14.262Z Updated: 2026-04-28T16:07:55.806Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/quiz-master-next/wordpress-quiz-and-survey-master-plugin-8-0-7-cross-site-request-forgery-csrf?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-24368`	vulnerable	2026-06-08 05:30:04.257379	Quiz And Survey Master < 7.1.18 - Reflected Cross-Site Scripting (XSS) The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This could allow for privilege escalation by inducing a logged in admin to open a malicious link Published: 2021-06-20T12:31:32.000Z Updated: 2024-08-03T19:28:23.844Z Open on db.gcve.eu Reference links https://wpscan.com/vulnerability/7f2fda5b-45a5-4fc6-968f-90bc9674c999	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Quiz And Survey Master – Best Quiz, Exam And Survey Plugin For Wordpress

PURL mappings

Vulnerability references

Contribute