CVE-2022-4033

CVSS V2 None CVSS V3 None
Description
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number, file path, etc..). This makes it possible attackers to submit values other than the intended input type.
Overview
  • CVE ID
  • CVE-2022-4033
  • Assigner
  • security@wordfence.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-11-29T21:15:12.193
  • Last Modified Date
  • 2022-12-01T22:12:01.910
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:* 1 OR 8.0.4
History
Created Old Value New Value Data Type Notes
2022-12-07 18:05:33 Added to TrackCVE