CVE-2023-6166

Publication date

2023-12-26 18:33:02

Family

WPScan

State

PUBLISHED

Description

The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting