WordPress Plugin Vulnerabilities

Chained Quiz < 1.0 - Multiple XSS

Description

The Chained Quiz WordPress plugin was affected by a Multiple XSS security vulnerability.

Affects Plugins

Plugin icon
chained-quiz
Fixed in 1.0

References

CVE
CVE-2016-10892

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
633c1d5f-f38a-4898-b1ec-fe2d7b935d0b

Timeline

Publicly Published
2016-12-21 (about 9 years ago)
Added
2019-08-24 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2024-12-13
Title
Posts and Products Views for WooCommerce < 2.1.1 - Contributor+ Stored XSS
Published
2025-03-28
Title
Paid Member Subscriptions < 2.14.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-06-06
Title
WP Time Slots Booking Form < 1.2.11 - Unauthenticated Stored Cross-Site Scripting
Published
2024-07-24
Title
Photo Gallery, Images, Slider in Rbs Image Gallery < 3.2.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Title
Published
2026-02-09
Title
Name Directory < 1.32.1 - Unauthenticated Stored Cross-Site Scripting via Double HTML-Entity Encoding in Submission Form