Reflected Cross-Site Scripting Vulnerability in Watu Quiz Plugin for WordPress
CVE-2023-0968
What is CVE-2023-0968?
The Watu Quiz plugin for WordPress contains a vulnerability that exposes users to Reflected Cross-Site Scripting (XSS) attacks. This issue arises from inadequate input sanitization and output escaping in the parameters 'dn', 'email', 'points', and 'date'. An attacker could exploit this vulnerability by enticing a user to click a malicious link, resulting in the injection of arbitrary web scripts that execute in the user's browser, potentially stealing sensitive information or compromising user sessions.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Watu Quiz * <= 3.3.9
References
EPSS Score
12% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved