Published:2022/01/12  Last Updated:2022/01/12

JVN#72788165
Multiple vulnerabilities in WordPress Plugin "Quiz And Survey Master"

Overview

WordPress Plugin "Quiz And Survey Master" contains multiple vulnerabilities.

Products Affected

  • Quiz And Survey Master versions prior to 7.3.7

Description

WordPress Plugin "Quiz And Survey Master" provided by ExpressTech contains multiple vulnerabilities listed below.

  • Cross-site request forgery (CWE-352) - CVE-2022-0180
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score: 4.3
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6
  • Reflected cross-site scripting (CWE-79) - CVE-2022-0181
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Base Score: 6.1
    CVSS v2 AV:N/AC:H/Au:N/C:N/I:P/A:N Base Score: 2.6
  • Stored cross-site scripting (CWE-79) - CVE-2022-0182
    CVSS v3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Base Score: 5.4
    CVSS v2 AV:N/AC:L/Au:S/C:N/I:P/A:N Base Score: 4.0

Impact

  • If a user who is logging in to the product with the administrative privilege accesses a malicious page, unintended operations may be performed - CVE-2022-0180
  • An arbitrary script may be executed on the web browser of the user who is logging in to the product with the administrative privilege - CVE-2022-0181
  • An arbitrary script may be executed on the web browser of the user who is accessing a website that uses the product - CVE-2022-0182

Solution

Update the plugin
Update the plugin according to the information provided by the developer.

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

CVE-2022-0180, CVE-2022-0181
Daiki Sueyoshi reported these vulnerabilitis to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

CVE-2022-0182
Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2022-0180
CVE-2022-0181
CVE-2022-0182
JVN iPedia JVNDB-2022-000002