Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ExpressTech — Vulnerabilities & Security Advisories 36

Browse all 36 CVE security advisories affecting ExpressTech. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ExpressTech operates as a middleware provider specializing in rapid API integration for enterprise logistics and supply chain management systems. Its software architecture, which prioritizes speed over rigorous security validation, has historically exposed numerous flaws, resulting in thirty-six recorded Common Vulnerabilities and Exposures. The most prevalent issues involve remote code execution and cross-site scripting, often stemming from inadequate input sanitization in its public-facing endpoints. Additionally, privilege escalation vulnerabilities have allowed unauthorized users to bypass authentication mechanisms, granting access to sensitive logistical data. While no single catastrophic breach has been publicly attributed to these specific CVEs, the cumulative risk profile suggests systemic weaknesses in access control and session management. Security researchers continue to monitor ExpressTech for patches, noting that the high volume of unresolved issues indicates a lag in addressing critical infrastructure vulnerabilities compared to industry standards.

Top products by ExpressTech: Quiz And Survey Master Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker Quiz And Survey Master (WordPress plugin) Responsive Menu – Create Mobile-Friendly Menu Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress Responsive Menu (WordPress plugin)
CVE IDTitleCVSSSeverityPublished
CVE-2026-5797 Quiz and Survey Master (QSM) <= 11.1.0 - Unauthenticated Shortcode Injection Leading to Arbitrary Quiz Result Disclosure via Quiz Answer Text Input Fields — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-74 5.3 Medium2026-04-17
CVE-2026-2412 Quiz and Survey Master (QSM) <= 10.3.5 - Authenticated (Contributor+) SQL Injection via 'merged_question' Parameter — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-89 6.5 Medium2026-03-23
CVE-2025-9318 Quiz and Survey Master (QSM) <= 10.3.1 - Authenticated (Subscriber+) SQL Injection via `is_linking` Query Parameter — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-89 6.5 Medium2026-01-06
CVE-2025-9637 Quiz and Survey Master (QSM) <= 10.3.1 - Missing Authorization to Unpublished, Private And Password-Protected Quiz Information Disclosure And Image Response Uploads — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-862 6.5 Medium2026-01-06
CVE-2025-9294 Quiz And Survey Master <= 10.3.1 - Missing Authorization to Authenticated (Subscriber+) Quiz Results Deletion — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-285 4.3 Medium2026-01-06
CVE-2023-37984 WordPress Quiz And Survey Master plugin <= 8.1.10 - Broken Access Control vulnerability — Quiz And Survey MasterCWE-862 4.3 Medium2024-12-13
CVE-2023-51507 WordPress Quiz And Survey Master plugin <= 8.1.16 - Broken Access Control vulnerability — Quiz And Survey MasterCWE-862 5.3 Medium2024-06-14
CVE-2024-3592 Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress <= 9.0.1 - Authenticated (Contributor+) SQL Injection — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-89 9.9 Critical2024-06-07
CVE-2023-28787 WordPress Quiz And Survey Master plugin <= 8.1.4 - Unauthenticated SQL Injection vulnerability — Quiz And Survey MasterCWE-89 9.3 Critical2024-03-26
CVE-2024-27966 WordPress Quiz And Survey Master plugin <= 8.2.2 - Cross Site Scripting (XSS) vulnerability — Quiz And Survey MasterCWE-79 5.9 Medium2024-03-21
CVE-2023-51521 WordPress Quiz And Survey Master plugin <= 8.1.18 - Cross Site Request Forgery (CSRF) vulnerability — Quiz And Survey MasterCWE-352 5.4 Medium2024-03-16
CVE-2023-47834 WordPress Quiz And Survey Master Plugin <= 8.1.13 is vulnerable to Cross Site Scripting (XSS) — Quiz And Survey MasterCWE-79 6.5 Medium2023-11-22
CVE-2023-26524 WordPress Quiz And Survey Master Plugin <= 8.0.10 is vulnerable to Cross Site Request Forgery (CSRF) — Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPressCWE-352 4.3 Medium2023-11-12
CVE-2023-0292 Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-352 5.4 Medium2023-06-09
CVE-2023-0291 Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-862 7.2 High2023-06-09
CVE-2022-46862 WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) — Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPressCWE-352 4.3 Medium2023-02-14
CVE-2022-4033 Quiz and Survey Master <= 8.0.4 - Improper Input Validation — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-20 5.3 Medium2022-11-29
CVE-2022-4032 Quiz and Survey Master <= 8.0.4 - Unauthenticated iFrame Injection via Paragraph and Short Answer — Quiz and Survey Master (QSM) – Easy Quiz and Survey MakerCWE-20 7.2 High2022-11-29
CVE-2022-42883 WordPress Quiz And Survey Master plugin <= 7.3.10 - Sensitive Information Disclosure vulnerability — Quiz And Survey Master (WordPress plugin)CWE-200 5.3 Medium2022-11-18
CVE-2022-40698 WordPress Quiz And Survey Master plugin <= 7.3.10 - Cross-Site Scripting (XSS) vulnerability — Quiz And Survey Master (WordPress plugin)CWE-79 5.4 Medium2022-11-18
CVE-2022-41652 WordPress Quiz And Survey Master plugin <= 7.3.10 - Bypass vulnerability — Quiz And Survey Master (WordPress plugin) 6.5 Medium2022-11-18
CVE-2021-36905 WordPress Quiz And Survey Master plugin <= 7.3.4 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities — Quiz And Survey Master (WordPress plugin)CWE-79 5.4 Medium2022-11-17
CVE-2021-36906 WordPress Quiz And Survey Master plugin <= 7.3.6 - Multiple Insecure direct object references (IDOR) vulnerabilities — Quiz And Survey Master (WordPress plugin) 2.7 Low2022-11-03
CVE-2021-36898 WordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. SQL Injection (SQLi) vulnerability — Quiz And Survey Master (WordPress plugin)CWE-89 7.5 High2022-10-28
CVE-2021-36864 WordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability — Quiz And Survey Master (WordPress plugin)CWE-79 3.4 Low2022-10-28
CVE-2021-36863 WordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. Stored Cross-Site Scripting (XSS) vulnerability — Quiz And Survey Master (WordPress plugin)CWE-79 5.4 Medium2022-10-28
CVE-2021-36865 WordPress Quiz And Survey Master plugin <= 7.3.4 - Insecure direct object references (IDOR) vulnerability — Quiz And Survey Master (WordPress plugin) 3.8 Low2022-09-30
CVE-2022-25602 WordPress Responsive Menu plugin <= 4.1.7 - Nonce token leak leading to arbitrary file upload, theme deletion, plugin settings change vulnerability — Responsive Menu (WordPress plugin)CWE-200 8.3 High2022-03-18
CVE-2022-0182 WordPress plugin跨站脚本漏洞 — Quiz And Survey Master 5.4 -2022-01-17
CVE-2022-0181 WordPress plugin跨站脚本漏洞 — Quiz And Survey Master 6.1 -2022-01-17

This page lists every published CVE security advisory associated with ExpressTech. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.