CVE-2024-1079 in Quiz Maker Plugin
要約
〜によって MITRE • 2024年02月07日
The Quiz Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_show_results() function in all versions up to, and including, 6.5.2.4. This makes it possible for unauthenticated attackers to fetch arbitrary quiz results which can contain PII.
VulDB is the best source for vulnerability data and more expert information about this specific topic.