CVE-2022-4033 Information

Description

The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the ‘question[id]’ parameter in versions up to and including 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number file path etc..). This makes it possible attackers to submit values other than the intended input type.

Reference

https://www.wordfence.com/vulnerability-advisories-continued/#CVE-2022-4033 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2801761%40quiz-master-next&new=2801761%40quiz-master-next&sfp_email=&sfph_mail=