CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-52182 – WordPress ARI Stream Quiz Plugin <= 1.3.0 is vulnerable to PHP Object Injection
https://notcve.org/view.php?id=CVE-2023-52182
29 Dec 2023 — Deserialization of Untrusted Data vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder.This issue affects ARI Stream Quiz – WordPress Quizzes Builder: from n/a through 1.3.0. Vulnerabilidad de deserialización de datos no confiables en ARI Soft ARI Stream Quiz – WordPress Quizzes Builder. Este problema afecta a ARI Stream Quiz – WordPress Quizzes Builder: desde n/a hasta 1.3.0. The ARI Stream Quiz – WordPress Quizzes Builder plugin for WordPress is vulnerable to PHP Object Injection in all v... • https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-plugin-1-3-0-php-object-injection-vulnerability?_s_id=cve • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47835 – WordPress ARI Stream Quiz Plugin <= 1.2.32 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-47835
16 Nov 2023 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en el complemento ARI Soft ARI Stream Quiz – WordPress Quizzes Builder en versiones <= 1.2.32. The ARI Stream Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and inc... • https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-plugin-1-2-32-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •