cleantalk
Vulnerabilities and Security Researches

Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress, CVE-2025-6790

CVE, Research URL

CVE-2025-6790

Home page URL

Security reports for Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress

Application

Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress

Published on
Aug 14, 2025
Research Description
The Quiz and Survey Master (QSM) WordPress plugin before 10.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.
Affected versions
Min -, max 10.2.3.
Status
vulnerable
Previous vulnerability researches
Snow Storm (b9155ea27a956bb6aecadd924fc7ba8cfeaf37c3) , Mar 22, 2025
Snow Storm (CVE-2025-30858) , Apr 05, 2025
New vulnerability
Redux Framework , Aug 28, 2025
Hesabfa Accounting (CVE-2025-48362) , Aug 28, 2025
Hesabfa Accounting (CVE-2025-48361) , Aug 28, 2025
Statify Widget (CVE-2025-48322) , Aug 28, 2025
百度分享按钮 (CVE-2025-48320) , Aug 28, 2025