Missing Authorization vulnerability in Quiz Maker
CVE-2023-23985

3.7LOW

Key Information:

Vendor: WordPress
Status: Quiz Maker
Vendor: CVE Published:; 24 April 2024

Summary

The missing authorization vulnerability within the Quiz Maker plugin allows unauthorized users to manipulate content. This flaw potentially exposes sensitive data and disrupts the integrity of content management within affected versions of the plugin. It is crucial for users of Quiz Maker to implement security measures to safeguard against unauthorized access and ensure effective user permissions.

Affected Version(s)

Quiz Maker <= 6.3.9.4

References

https://patchstack.com/database/vulnerability/quiz-maker/...

vdb-entry

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 24, 2024
Vulnerability Reserved
Jan 20, 2023

Credit

yuyudhn (Patchstack Alliance)