SlickQuiz <= 1.3.7.1 - Unauthenticated Stored XSS



Description
The last time it was checked the plugin was still affected and had been closed.

Affects Plugin

no known fix
- plugin closed

References

CVE 2019-12517
PacketStorm 154439
URL https://www.rcesecurity.com/2019/09/H1-4420-From-Quiz-to-Admin-Chaining-Two-0-Days-to-Compromise-an-Uber-Wordpress/

Classification

Type XSS
OWASP Top 10 A7: Cross-Site Scripting (XSS)
CWE CWE-79

Miscellaneous

Original Researcher Julien Ahrens
Views 2777
Verified No
WPVDB ID 9878

Timeline

Publicly Published 2019-09-10 (9 months ago)
Added 2019-09-11 (9 months ago)
Last Updated 2020-02-13 (4 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin