Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher user rights.
References
Link | Resource |
---|---|
https://patchstack.com/database/vulnerability/wp-testing/wordpress-psychological-tests-quizzes-plugin-0-21-19-authenticated-stored-cross-site-scripting-xss-vulnerability | Third Party Advisory |
https://wordpress.org/plugins/wp-testing/ | Product Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2022-04-26 12:15
Updated : 2022-05-06 07:02
NVD link : CVE-2021-36867
Mitre link : CVE-2021-36867
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
psychological_tests_\&_quizzes_project
- psychological_tests_\&_quizzes