CVE-2023-26524: WordPress Quiz And Survey Master Plugin <= 8.0.10 is vulnerable to Cross Site Request Forgery (CSRF)
First published: Sun Nov 12 2023(Updated: )
Cross-Site Request Forgery (CSRF) vulnerability in ExpressTech Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin <= 8.0.10 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Expresstech Quiz And Survey Master | <=8.0.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-26524?
CVE-2023-26524 is a Cross-Site Request Forgery (CSRF) vulnerability found in the WordPress Quiz And Survey Master Plugin version <= 8.0.10.
How severe is CVE-2023-26524?
CVE-2023-26524 has a severity rating of 8.8, which is considered high.
Which software versions are affected by CVE-2023-26524?
Versions of ExpressTech Quiz And Survey Master Plugin for WordPress <= 8.0.10 are affected by CVE-2023-26524.
What is Cross-Site Request Forgery (CSRF)?
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they are authenticated.
Is there a patch or fix available for CVE-2023-26524?
Yes, a patch or fix is available for CVE-2023-26524. Please refer to the official reference link for more information.
- collector/mitre-cve
- collector/nvd-api
- vendor/expresstech
- canonical/expresstech quiz and survey master
- version/expresstech quiz and survey master/8.0.10