CVE-2024-10633

Name of the Vulnerable Software and Affected Versions The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 8.8.0 and earlier (Business) The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 21.8.0 and earlier (Developer) The Quiz Maker Business, Developer, and Agency plugins for WordPress versions 31.8.0 and earlier (Agency)

Description The issue is due to the software allowing users to execute an action that does not properly validate a value before running do shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Recommendations The Quiz Maker Business, Developer, and Agency plugins for WordPress version 8.8.0 and earlier (Business) should update to a version later than 8.8.0. The Quiz Maker Business, Developer, and Agency plugins for WordPress version 21.8.0 and earlier (Developer) should update to a version later than 21.8.0. The Quiz Maker Business, Developer, and Agency plugins for WordPress version 31.8.0 and earlier (Agency) should update to a version later than 31.8.0.