Input Validation Bypass in Quiz and Survey Master Plugin for WordPress
CVE-2022-4033
5.3MEDIUM
Key Information:
- Vendor
Wordpress
- Vendor
- CVE Published:
- 29 November 2022
What is CVE-2022-4033?
The Quiz and Survey Master plugin for WordPress allows an attacker to exploit an input validation bypass through the 'question[id]' parameter. This vulnerability arises from inadequate input validation in versions up to 8.0.4, which enables malicious users to inject unintended values such as file paths or non-numeric entries. This flaw could potentially lead to unexpected behavior, allowing attackers to manipulate the plugin's functionality and compromise site integrity.
Affected Version(s)
Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress * <= 8.0.4