Best Quiz Plugin for WordPress: WP Quiz, 10e625248e7aac4ffc34e9f10525a09b4519750f

CVE, Research URL: 10e625248e7aac4ffc34e9f10525a09b4519750f
Home page URL: Security reports for Best Quiz Plugin for WordPress: WP Quiz
Application: Best Quiz Plugin for WordPress: WP Quiz
Published on: May 22, 2017
Research Description: Best Quiz Plugin for WordPress: WP Quiz [wp-quiz] < 1.0.8 WordPress WP Quiz Plugin <= v1.0.7 - Authenticated Stored XSS Settings fields allows to add XSS. Related file: class-page-config.php. The user should have An author or Editor role. Add XSS payload to Quiz e.g. <script>alert(document.cookie)<script> Update the plugin to v1.0.8.
Affected versions: Min -, max 1.0.8.
Status: vulnerable