Quiz And Survey Master < 6.3.5 – Authenticated Reflected XSS | CVE 2019-17599

Affects Plugins

quiz-master-next

Fixed in 6.3.5

References

CVE

CVE-2019-17599

URL

https://github.com/QuizandSurveyMaster/quiz_master_next/issues/795

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

8.4 (high)

Miscellaneous

Verified

No

WPVDB ID

48b8f1e0-7d10-420f-a940-6ca81e15e293

Timeline

Publicly Published

2019-11-13 (about 6 years ago)

Added

2019-12-13 (about 6 years ago)

Last Updated

2020-08-13 (about 5 years ago)

Other

Published

Title

Published

2022-01-14

Title

Download Monitor < 4.4.7 - Reflected Cross-Site Scripting

Published

2021-06-07

Title

WP Hardening < 1.2.2 - Reflected XSS via URI

Published

2025-04-09

Title

Payment Forms for Paystack < 4.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2015-08-29

Title

Captain Slider 1.0.6 - Cross-Site Scripting (XSS)

Published

2026-03-10

Title

Responsive Contact Form Builder & Lead Generation Plugin < 2.0.2 - Unauthenticated Stored Cross-Site Scripting