Tag: Quiz and Survey Master

Quiz and Survey Master Plugin 2 Critical Vulnerabilities Patched

Quiz and Survey Master Plugin 2 Critical Vulnerabilities Patched

Security, Plugins
The WordFence Threat Intelligence team detected two vulnerabilities in Quiz and Survey Master (QSM), a WordPress plugin that is installed on over 30,000 sites. These flaws made it possible for unauthenticated attackers to upload arbitrary files and achieve remote code execution, as well as delete arbitrary files like a site’s wp-config.php file which could effectively take a site offline and allow an attacker to take over the vulnerable site. How Quiz and Survey Master is used in WordPress The Quiz and Survey Master is used in WordPress to add quizzes and surveys to sites. One of its features allows site owners to implement file uploads as a response type for a quiz or survey, which could be useful in a number of scenarios, such as a job application questionnaire with a PDF resume upl