CVE-2024-6025

5.4 MEDIUM

📋 TL;DR

The Quiz and Survey Master WordPress plugin before version 9.0.5 has insufficient input sanitization in quiz settings, allowing authenticated users with contributor-level access or higher to inject malicious scripts. These scripts execute when other users view the affected quiz pages, enabling stored cross-site scripting attacks.

💻 Affected Systems

Products:
  • Quiz and Survey Master WordPress plugin
Versions: All versions before 9.0.5
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Requires WordPress installation with the vulnerable plugin and at least one user with contributor role or higher.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with contributor access could inject malicious JavaScript that steals administrator session cookies, leading to full site compromise and potential data exfiltration.

🟠 Likely Case

Malicious contributors inject advertising scripts, redirects, or deface quiz pages viewed by other users.

🟢 If Mitigated

With proper user role management and content security policies, impact is limited to minor page manipulation within quiz content.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires contributor-level access; proof-of-concept details are publicly available in vulnerability disclosures.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.0.5

Vendor Advisory: https://wordpress.org/plugins/quiz-master-next/

Restart Required: No

Instructions:

1. Log into WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'Quiz and Survey Master'.
4. Click 'Update Now' if available, or download version 9.0.5+ from WordPress repository.
5. Activate the updated plugin.

🔧 Temporary Workarounds

Restrict User Roles

all

Temporarily remove contributor editing privileges or downgrade suspicious users to subscriber role.

Content Security Policy

all

Implement CSP headers to restrict script execution from untrusted sources.

In .htaccess or web server config:

Header set Content-Security-Policy "script-src 'self'"

🧯 If You Can't Patch

  • Disable the Quiz and Survey Master plugin entirely until patching is possible.
  • Audit and remove any suspicious quiz content created by contributors.

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → Quiz and Survey Master → View version details. If version is below 9.0.5, system is vulnerable.

Check Version:

wp plugin list --name=quiz-master-next --field=version

Verify Fix Applied:

Confirm plugin version is 9.0.5 or higher in WordPress admin panel.

📡 Detection & Monitoring

Log Indicators:

  • Unusual quiz creation/modification by contributor users
  • POST requests to /wp-admin/admin.php?page=mlw_quiz_options containing script tags

Network Indicators:

  • HTTP traffic containing malicious script payloads in quiz parameter submissions

SIEM Query:

source="wordpress.log" AND ("mlw_quiz_options" OR "qsm") AND ("<script>" OR "javascript:")
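
The log indicators above as a runnable check, added here as an example and not part of the original advisory. It assumes an audit log that records the POST body as a final quoted field (the format, sample lines and the `settings` parameter name are constructed), and it URL-decodes each body so that encoded payloads, which a literal string match on `<script>` misses, are still flagged.

```python
import re
from urllib.parse import unquote_plus

# Assumed (constructed) format: combined access log with the POST body
# appended as a final quoted field, as some WAF/audit logs provide.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" \d{3} \S+ "(?P<body>[^"]*)"'
)
# Same markers as the SIEM query above, matched case-insensitively.
MARKER_RE = re.compile(r'<script\b|javascript:', re.IGNORECASE)

def decode(value, rounds=3):
    """URL-decode up to `rounds` times so double-encoded input is normalised."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_requests(lines):
    """Return (timestamp, ip, marker) for POSTs to the quiz options page
    whose decoded body contains a script marker."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if "page=mlw_quiz_options" not in m["uri"]:
            continue
        found = MARKER_RE.search(decode(m["body"]))
        if found:
            hits.append((m["ts"], m["ip"], found.group(0).lower()))
    return hits

# Constructed sample lines (documentation IP ranges, made-up parameter name).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jun/2024:10:01:02 +0000] "POST /wp-admin/admin.php?page=mlw_quiz_options HTTP/1.1" 200 512 "settings=%3Cscript%3Ealert(1)%3C%2Fscript%3E"',
    '198.51.100.7 - - [12/Jun/2024:10:05:40 +0000] "POST /wp-admin/admin.php?page=mlw_quiz_options HTTP/1.1" 302 0 "settings=%253CSCRIPT%253Ealert(1)"',
    '192.0.2.10 - - [12/Jun/2024:10:07:11 +0000] "POST /wp-admin/admin.php?page=mlw_quiz_options HTTP/1.1" 200 498 "settings=Welcome+to+the+quiz"',
    '192.0.2.22 - - [12/Jun/2024:10:09:03 +0000] "GET /wp-admin/admin.php?page=mlw_quiz_options HTTP/1.1" 200 9120 "-"',
    '192.0.2.31 - - [12/Jun/2024:10:12:45 +0000] "POST /wp-admin/admin.php?page=other_plugin HTTP/1.1" 200 300 "note=%3Cscript%3E"',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

Standard web server access logs do not include request bodies, so this check only applies where body logging (for example through a WAF or audit module) is already enabled.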
