First published: Mon Oct 11 2021(Updated: )
The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin's settings.
Credit: contact@wpscan.com
Affected Software | Affected Version | How to fix |
---|---|---|
Kibokolabs Chained Quiz Wordpress | <1.2.7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-24690 is a vulnerability in the Chained Quiz WordPress plugin before version 1.2.7.2 that allows for improper input sanitization or escaping in the plugin's settings.
CVE-2021-24690 affects the Chained Quiz WordPress plugin before version 1.2.7.2 by not properly sanitizing or escaping inputs in the plugin's settings, potentially leading to security vulnerabilities.
CVE-2021-24690 has a severity rating of medium with a CVSS score of 5.4.
To fix CVE-2021-24690, it is recommended to update the Chained Quiz WordPress plugin to version 1.2.7.2 or later, which includes proper input sanitization and escaping.
More information about CVE-2021-24690 can be found at https://wpscan.com/vulnerability/b2f473b4-268c-48b7-95e8-0a8eeaa3fc28.