Home Hacking News Quiz And Master Survey WP Plugin Vulnerabilities Allowed Site Takeover
Hacking NewsLatest Cyber Security News | Network Security HackingNewsVulnerabilities

Quiz And Master Survey WP Plugin Vulnerabilities Allowed Site Takeover

by Abeerah Hashim
written by Abeerah Hashim
Shield Security WP plugin patched file inclusion vulnerability

Critical vulnerabilities existed in the Quiz and Master Survey plugin that threatened thousands of websites. Exploiting the flaw could allow an attacker to takeover the target website.

Quiz And Master Survey Plugin Vulnerabilities

Wordfence has shared details about security flaws in another WordPress plugin. This time, they found the vulnerabilities in Quiz and Master Survey plugin. It is a dedicated plugin meant for facilitating users in creating various surveys, including exam quizzes, employee surveys, and other questionnaires.

As revealed through their blog post, they found two different vulnerabilities affecting the plugin.

The first of these is a critical severity bug that received a CVSS score of 10.0. The problem affected the file upload feature of the plugin. While this feature facilitates uploading files in response to a survey, its unsecured implementation could allow malicious attacks.

It’s because the feature only checked for the file content type before upload, that anyone could spoof. As explained in the post,

If a quiz contained a file upload which was configured to only accept .txt files, an executable PHP file could be uploaded by setting the “Content-Type” field to ‘text/plain’ to bypass the plugin’s weak checks.

Hence, such upload of PHP files could allow an adversary to achieve remote code execution eventually taking over the site.

The second vulnerability was also a critical severity bug with a CVSS score of 9.9. It aroused because of the improper implementation of the file delete feature. As Wordfence described in the post,

This qsm_remove_file_fd_question function is registered with a regular AJAX action and a nopriv AJAX action. This meant that the function could be triggered by unauthenticated users, which is to be expected due to the quizzes not requiring authentication.

Thus, exploiting this bug could let an unauthenticated adversary delete important files.

The following video demonstrated PoC for the exploit.

Patches Rolled Out

Upon discovering the bugs, the researchers reached out to the vendors to report the flaws. Though, it took them a while to communicate smoothly. Nonetheless, following their reports, the developers quickly fixed both the bugs.

Hence, the patches are available with the Quiz And Survey Master plugin version 7.0.1. Users must update their sites with the latest version to stay protected.

Let us know your thoughts in the comments.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...

LayerSlider WordPress Plugin Vulnerability Affected Thousands Of Websites

OWASP Disclosed Data Breach Affecting Old Members

Center Identity Launches Patented Passwordless Authentication for Businesses

GoPlus’s Latest Report Highlights How Blockchain Communities Are...