CVE-2015-9389

Name of the Vulnerable Software and Affected Versions mtouch-quiz plugin versions prior to 3.1.3 for WordPress

Description The issue is related to a Cross-Site Scripting (XSS) flaw, which occurs via a quiz name. This allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized access or data theft.

Recommendations For mtouch-quiz plugin versions prior to 3.1.3, update to version 3.1.3 or later to resolve the issue. As a temporary workaround, consider restricting user input for quiz names to minimize the risk of exploitation.