CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27854

Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher role via &wpt_test_page_submit_button_caption parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.0%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://patchstack.com/database/vulnerability/wp-testing/wordpress-psychological-tests-quizzes-plugin-0-21-19-authenticated-stored-cross-site-scripting-xss-vulnerability-1
https://wordpress.org/plugins/wp-testing/
https://patchstack.com/database/vulnerability/wp-testing/wordpress-psychological-tests-quizzes-plugin-0-21-19-authenticated-stored-cross-site-scripting-xss-vulnerability-1
https://wordpress.org/plugins/wp-testing/

Products affected by CVE-2022-27854

Psychological Tests & Quizzes Project » Psychological Tests & Quizzes » Version: 0.21.19

cpe:2.3:a:psychological_tests_&_quizzes_project:psychological_tests_&_quizzes:0.21.19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27854

Products

Pricing

Contact Us