// For flags

CVE-2020-35951

Quiz and Survey Master <= 7.0.0 - Unauthenticated Arbitrary File Deletion

Severity Score

9.9
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It allows users to delete arbitrary files such as wp-config.php file, which could effectively take a site offline and allow an attacker to reinstall with a WordPress instance under their control. This occurred via qsm_remove_file_fd_question, which allowed unauthenticated deletions (even though it was only intended for a person to delete their own quiz-answer files).

Se detectó un problema en el plugin Quiz and Survey Master versiones anteriores a 7.0.1 para WordPress.&#xa0;Permite a los usuarios eliminar archivos arbitrarios, como el archivo wp-config.php, que podría desconectar un sitio de manera efectiva y permitir a un atacante reinstalarlo con una instancia de WordPress bajo su control.&#xa0;Esto ocurrió por medio de la función qsm_remove_file_fd_question, que permitió eliminaciones no autenticadas (aunque solo estaba destinado a que una persona eliminara sus propios archivos de respuestas de cuestionarios).

*Credits: Chloe Chamberland
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-08-03 CVE Published
  • 2021-01-01 CVE Reserved
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • 2024-12-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-306: Missing Authentication for Critical Function
  • CWE-639: Authorization Bypass Through User-Controlled Key
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Expresstech
Search vendor "Expresstech"
 Quiz And Survey Master
Search vendor "Expresstech" for product "Quiz And Survey Master"
 < 7.0.1
Search vendor "Expresstech" for product "Quiz And Survey Master" and version " < 7.0.1"
wordpress
Affected