CVE-2015-9388

Name of the Vulnerable Software and Affected Versions mtouch-quiz plugin versions prior to 3.1.3 for WordPress

Description The issue concerns a CSRF (Cross-Site Request Forgery) vulnerability in the wp-admin/edit.php endpoint, which can lead to XSS (Cross-Site Scripting). This allows an attacker to perform unauthorized actions on the site.

Recommendations For versions prior to 3.1.3, update to version 3.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the wp-admin/edit.php endpoint to minimize the risk of exploitation.