This is a summary of the AI-generated 10-question deep analysis.
Q1. What is this vulnerability? (Essence + Consequences)

**Essence**: SQL Injection (SQLi) in **Quiz And Survey Master** plugin.

**Consequences**: Attackers can steal, modify, or delete database content.…

**Root Cause**: **CWE-89** (Improper Neutralization of Special Elements used in an SQL Command).

**Flaw**: The `question_id` parameter is not properly sanitized, allowing malicious SQL code to be executed.
Q3. Who is affected? (Versions/Components)

**Affected**: WordPress Plugin **Quiz And Survey Master (QSM)**.

**Version**: **9.0.1** and earlier versions.

**Vendor**: ExpressTech.
Q4. What can hackers do? (Privileges/Data)

**Attacker Actions**:

1. **Read** sensitive data (user credentials, site config).
2. **Modify** database records.
3. **Delete** critical data.
4. …

**Threshold**: **Low** for exploitation, but requires **Low Privileges** (PR:L).

**Network**: Remote (AV:N).

**Note**: An attacker needs valid WordPress credentials to trigger the vulnerable parameter.
Q6. Is there a public Exp? (PoC/Wild Exploitation)

**Exploit Status**: No public PoC/Exploit listed in the data.

**References**: WordFence and WordPress Trac links provided, but no direct exploit code available yet.
Q7. How to self-check? (Features/Scanning)

**Self-Check**:

1. Check installed plugins for **Quiz And Survey Master**.
2. Verify version is **≤ 9.0.1**.
3. Scan for SQLi patterns in `question_id` parameters using security scanners.
Q8. Is it fixed officially? (Patch/Mitigation)

**Fix**: Yes, an official fix exists.

**Patch**: See WordPress Trac changeset **3097878**.

**Action**: Update the plugin to the latest version immediately.
Q9. What if no patch? (Workaround)

**No Patch Workaround**:

1. **Disable** the plugin if not in use.
2. Restrict access to quiz/survey endpoints.
3. Implement **WAF rules** to block SQLi payloads in `question_id`.
Q10. Is it urgent? (Priority Suggestion)

**Urgency**: **HIGH**.

**CVSS**: **9.1** (Critical).

**Priority**: Patch immediately. The impact is High (C:H, I:H, A:H) and the attack vector is Network-based.