WordPress Watu Quiz 漏洞列表

共找到 2 个与 WordPress Watu Quiz 相关的漏洞

📅 加载漏洞趋势中...

CVE-2023-0968: WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: WordPress Watu Quiz

WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This exploit can be used against high-privilege users such as admin.
CVE-2023-0968: WordPress Watu Quiz <3.3.9.1 - Cross-Site Scripting POC

日期: 2025-08-01 | 影响软件: WordPress Watu Quiz

WordPress Watu Quiz plugin before 3.3.9.1 is susceptible to cross-site scripting. The plugin does not sanitize and escape some parameters, such as email, dn, date, and points, before outputting then back in a page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This exploit can be used against high-privilege users such as admin.