WordPress Plugin Vulnerabilities

Quiz Maker < 6.4.9.5 - Unauthenticated Email Address Disclosure

Description

The plugin does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacker to perform a search for users of the system, ultimately leaking user email addresses.

Proof of Concept

Affects Plugins

Plugin icon
quiz-maker
Fixed in 6.4.9.5

References

CVE
CVE-2023-6155

Classification

Type
SENSITIVE DATA DISCLOSURE
OWASP top 10
A3: Sensitive Data Exposure
CWE
CWE-200
CVSS
5.3 (medium)

Miscellaneous

Original Researcher
Krzysztof Zając (CERT PL)
Submitter
Krzysztof Zając (CERT PL)
Submitter website
https://cert.pl
Submitter twitter
cert_polska_en
Verified
Yes
WPVDB ID
c62be802-e91a-4bcf-990d-8fd8ef7c9a28

Timeline

Publicly Published
2023-11-30 (about 2 years ago)
Added
2023-11-30 (about 2 years ago)
Last Updated
2023-11-30 (about 2 years ago)

Other

Published
Title
Published
2025-02-28
Title
GenerateBlocks < 2.0.0 - Authenticated (Contributor+) Sensitive Information Exposure via 'get_image_description'
Published
2024-04-22
Title
Newsletters < 4.9.6 - Information Exposure via Log files
Published
2025-09-26
Title
CoSchedule < 3.4.0 - Unauthenticated Sensitive Information Exposure
Published
2025-05-06
Title
Download Manager and Payment Form WordPress Plugin – WP SmartPay 1.1.0 - 2.7.13 - Authenticated (Subscriber+) Information Exposure
Published
2025-01-13
Title
Event monster < 1.4.4 - Information Exposure Via Visitors List Export