Headline
CVE-2022-41652: WordPress Quiz And Survey Master plugin <= 7.3.10 - Bypass vulnerability - Patchstack
Bypass vulnerability in Quiz And Survey Master plugin <= 7.3.10 on WordPress.
Verified
Fixed
6.5
CVSS 3.1 score Medium severity
Report
Monitoring Not reported to be exploited
Vulnerable versions
<= 7.3.10
PSID
7b38d807170a
Classification
Bypass Vulnerability
OWASP Top 10
A5: Broken Access Control
Required privilege
Can be exploited remotely without any authentication.
Publicly disclosed
2022-10-21
Details
Bypass vulnerability discovered by Thura Moe Myint (Patchstack Alliance) in WordPress Quiz And Survey Master plugin (versions <= 7.3.10).
Solution
Update the WordPress Quiz And Survey Master plugin to the latest available version (at least 7.3.11).
References