Machupalli Sree Pragna

**Name of the Vulnerable Software and Affected Versions** The Quizlord WordPress plugin versions through 2.0 **Description** The issue allows high privilege users, such as admin, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example in multisite setups. This is due to the plugin not sanitising and escaping some of its settings. **Recommendations** For The Quizlord WordPress plugin versions through 2.0, update to a version that properly sanitises and escapes its settings to prevent Stored Cross-Site Scripting attacks. As a temporary workaround, consider restricting the use of the plugin's settings by high privilege users until a patch is available.