Reflected XSS Vulnerability in Chained Quiz Plugin for WordPress
CVE-2020-7104
6.1MEDIUM
What is CVE-2020-7104?
The Chained Quiz plugin version 1.1.8.1 for WordPress is susceptible to a reflected cross-site scripting (XSS) vulnerability that occurs via the total_questions parameter in the wp-admin/admin-ajax.php file. When exploited, this vulnerability can allow attackers to inject malicious scripts into web pages viewed by users, potentially compromising their data and site integrity.