Missing Authorization vulnerability in Quiz Maker
CVE-2023-23985

3.7LOW

Key Information:

Vendor: WordPress
Status: Quiz Maker
Vendor: CVE Published:; 24 April 2024

What is CVE-2023-23985?

The missing authorization vulnerability within the Quiz Maker plugin allows unauthorized users to manipulate content. This flaw potentially exposes sensitive data and disrupts the integrity of content management within affected versions of the plugin. It is crucial for users of Quiz Maker to implement security measures to safeguard against unauthorized access and ensure effective user permissions.

Affected Version(s)

Quiz Maker <= 6.3.9.4

References

https://patchstack.com/database/vulnerability/quiz-maker/...

vdb-entry

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 24, 2024
Vulnerability Reserved
Jan 20, 2023

Credit

yuyudhn (Patchstack Alliance)

WordPress

What is CVE-2023-23985?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit