cleantalk
Vulnerabilities and Security Researches

Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress, CVE-2025-9294

CVE, Research URL

CVE-2025-9294

Home page URL

Security reports for Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress

Application

Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress

Published on
Jan 06, 2026
Research Description
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsm_dashboard_delete_result function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete quiz results.
Affected versions
max 10.3.2.
Status
vulnerable
Previous vulnerability researches
Add Any Extension to Pages (214b59c3-5411-4137-b1a7-3bba417e495b) , Jun 07, 2024
Add Any Extension to Pages (CVE-2023-50873) , Jun 07, 2024
New vulnerability
Accessibly – WordPress Website Accessibility (CVE-2026-3643) , Apr 17, 2026
Barcode Scanner and Inventory manager. POS (Point of Sale) – scan barcodes & create orders with barcode reader. (CVE-2026-4880) , Apr 17, 2026
OneSignal – Web Push Notifications (CVE-2026-3155) , Apr 17, 2026
Magazine Blocks – Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid (CVE-2026-40728) , Apr 17, 2026
BetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support (CVE-2026-3875) , Apr 17, 2026