PT-2021-16088 · WordPress · Hd Quiz

Asif Nawaz Minhas · Published 2021-08-23 · Updated 2021-08-26 · CVE-2021-24571

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

HD Quiz WordPress plugin versions prior to 1.8.4

Description

The issue is a Stored Cross-Site Scripting vulnerability: some answers are not properly escaped before being output in attributes when generating a quiz. This could lead to potential security issues.

Recommendations

For versions prior to 1.8.4, update to version 1.8.4 or later to resolve the issue. As a temporary workaround, consider disabling the quiz generation feature until a patch is available. Restrict access to the quiz module to minimize the risk of exploitation. Avoid using unescaped answers in the affected plugin until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2021-24571

Affected Products

Hd Quiz