CVE-2022-27854

Name of the Vulnerable Software and Affected Versions Alexander Ustimenko's Psychological tests & quizzes plugin versions <= 0.21.19

Description The issue is a Stored Cross-Site Scripting (XSS) vulnerability. It affects users with a contributor or higher role. The vulnerability can be exploited via the wpt test page submit button caption parameter.

Recommendations For Alexander Ustimenko's Psychological tests & quizzes plugin versions <= 0.21.19, update to a version higher than 0.21.19 to resolve the issue. As a temporary workaround, consider restricting access to the wpt test page submit button caption parameter for users with contributor or higher roles until a patch is available.