CVE-2024-6025

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-6025
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-6025.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-6025
Published
2024-07-11T06:15:02Z
Modified
2025-01-08T09:44:31.882182Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

The Quiz and Survey Master (QSM) WordPress plugin before 9.0.5 does not sanitise and escape some of its Quiz settings, which could allow contributors and higher to perform Stored Cross-Site Scripting attacks

References

Affected packages

Git / github.com/quizandsurveymaster/quiz_master_next

Affected ranges

Type
GIT
Repo
https://github.com/quizandsurveymaster/quiz_master_next
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

3.*

3.3.3
3.4.1
3.5.1
3.5.2
3.6.1
3.7.1
3.8.1
3.8.2
3.9.0

4.*

4.0.0
4.0.1
4.1.0
4.2.0
4.2.1
4.2.2
4.2.3
4.2.4
4.3.0
4.3.1
4.4.0
4.4.1
4.4.2
4.4.3
4.4.4
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.6.0
4.6.1
4.6.2
4.6.3
4.6.4
4.6.5
4.6.6
4.6.7
4.7.0
4.7.1
4.7.10
4.7.2
4.7.3
4.7.4
4.7.5
4.7.6
4.7.7
4.7.8
4.7.9

5.*

5.0.0
5.0.0-beta
5.0.0-beta-2
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
5.1.0
5.1.1
5.1.2
5.1.3
5.1.4
5.1.5
5.1.6
5.1.7
5.2.0
5.2.0-rc1
5.2.1
5.2.2
5.2.3
5.2.4
5.3.0
5.3.0-rc1
5.3.1
5.3.2

6.*

6.0
6.0-beta
6.0-beta2
6.0.1
6.0.2
6.0.3
6.0.4
6.1.0
6.1.1
6.1.2
6.2.0
6.2.0-beta
6.2.1
6.2.2
6.3.0
6.3.1
6.3.2
6.3.3
6.3.5
6.3.6
6.4
6.4.1
6.4.2

7.*

7.3.10
7.3.11
7.3.12
7.3.13
7.3.14
7.3.9

8.*

8.0
8.0.1
8.0.10
8.0.2
8.0.3
8.0.4
8.0.5
8.0.6
8.0.7
8.0.8
8.0.9
8.1.0
8.1.1
8.1.10
8.1.11
8.1.12
8.1.13
8.1.14
8.1.16
8.1.17
8.1.18
8.1.19
8.1.2
8.1.3
8.1.5
8.1.7
8.1.8
8.1.9
8.2.0
8.2.1
8.2.2
8.2.3

9.*

9.0.0
9.0.1
9.0.2