Quiz And Survey Master < 8.0.8 – Text Message Setting Update via CSRF | CVE 2022-46862

Affects Plugins

quiz-master-next

Fixed in 8.0.8

References

CVE

CVE-2022-46862

Classification

Type

CSRF

OWASP top 10

A2: Broken Authentication and Session Management

CWE

CWE-352

CVSS

4.3 (medium)

Miscellaneous

Original Researcher

Oliver K.

Verified

No

WPVDB ID

05c6df18-d0ee-4104-9ec6-721e57157970

Timeline

Publicly Published

2023-02-12 (about 3 years ago)

Added

2023-02-14 (about 3 years ago)

Last Updated

2023-02-14 (about 3 years ago)

Other

Published

Title

Published

2024-12-11

Title

Insertify <= 1.1.4 - Cross-Site Request Forgery to Remote Code Execution

Published

2022-09-29

Title

Analytify < 4.2.3 - Cache Deletion via CSRF

Published

2025-10-02

Title

Comment Info Detector <= 1.0.5 - Cross-Site Request Forgery to Settings Update

Published

2025-04-25

Title

wp-cyr-cho <= 0.1 - Cross-Site Request Forgery

Published

2025-03-24

Title

Simple Optimizer <= 1.2.7 - Cross-Site Request Forgery