CVE-2015-9386

Name of the Vulnerable Software and Affected Versions mtouch-quiz plugin versions prior to 3.1.3 for WordPress

Description The issue is related to a Cross-Site Scripting (XSS) flaw. This occurs via the quiz parameter during a Quiz Manage operation.

Recommendations For versions prior to 3.1.3, update to version 3.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the Quiz Manage operation until the update is applied. Avoid using the quiz parameter in the affected operation until the issue is resolved.