Quiz and survey master
This hub aggregates every CVE we track for Quiz and survey master, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
53
CVEs tracked
4
Critical
10
High
0
In CISA KEV
Severity distribution
MEDIUM36HIGH10CRITICAL4LOW3
Monthly trend
3
2
1
0
0
1
0
0
1
0
0
0
0
1
0
0
0
1
4
3
0
0
0
2
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Quiz and survey master.
- CVE-2026-48867WordPress Quiz And Survey Master plugin <= 11.1.2 - Cross Site Scripting (XSS) vulnerability7.1
- CVE-2026-40787WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability7.1
- CVE-2025-67987WordPress Quiz And Survey Master plugin <= 10.3.1 - SQL Injection vulnerability8.5
- CVE-2026-25329WordPress Quiz And Survey Master plugin <= 10.3.4 - Broken Access Control vulnerability4.3
- CVE-2026-25324WordPress Quiz And Survey Master plugin <= 10.3.4 - Insecure Direct Object References (IDOR) vulnerability5.3
- CVE-2026-24358WordPress Quiz And Survey Master plugin <= 10.3.3 - Broken Access Control vulnerability4.3
- CVE-2025-9318Quiz and Survey Master (QSM) <= 10.3.1 - Authenticated (Subscriber+) SQL Injection via `is_linking` Query Parameter6.5
- CVE-2025-9637Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads6.5
- CVE-2025-9294Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion4.3
- CVE-2025-63054WordPress Quiz And Survey Master plugin <= 10.3.2 - Broken Access Control vulnerability5.3
- CVE-2025-55708WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability8.5
- CVE-2024-10679Quiz and Survey Master (QSM) < 9.2.1 - Author+ Stored XSS6.1
- CVE-2023-37984WordPress Quiz And Survey Master plugin <= 8.1.10 - Broken Access Control vulnerability4.3
- CVE-2024-8758Quiz and Survey Master (QSM) < 9.1.3 - Author+ Stored XSS4.8
- CVE-2024-6879Quiz and Survey Master (QSM) < 9.1.1 - Contributor+ Stored XSS4.7
Product normalization is registry-driven with AI assist and human review. How it works