CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51487 – WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2023-51487
27 Dec 2023 — Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft ARI Stream Quiz.This issue affects ARI Stream Quiz: from n/a through 1.2.32. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en ARI Soft ARI Stream Quiz. Este problema afecta a ARI Stream Quiz: desde n/a hasta 1.2.32. The ARI Stream Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.32. This is due to missing or incorrect nonce validation. • https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-wordpress-quizzes-builder-plugin-1-2-32-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-47513 – WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.3.2 - Content Injection vulnerability
https://notcve.org/view.php?id=CVE-2023-47513
07 Nov 2023 — Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2. Neutralización inadecuada de etiquetas HTML relacionadas con secuencias de comandos en una vulnerabilidad de página web (XSS básico) en ARI Soft ARI Stream Quiz permite la inyección de código. Este problema afecta a ARI Stream Quiz: desde n/a hasta 1.3.2. The ARI Stream Quiz – WordPress Quizzes Builder plugin... • https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-wordpress-quizzes-builder-plugin-1-2-32-content-injection-vulnerability?_s_id=cve • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) CWE-285: Improper Authorization •