Update the WordPress Quiz And Survey Master plugin to the latest available version (at least 7.3.5).
Vlad Vector discovered and reported this SQL Injection vulnerability in WordPress Quiz And Survey Master Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 7.3.5.
Unauth. iFrame Injection vulnerability via Paragraph and Short Answer
Improper Input Validation vulnerability
Sensitive Information Disclosure vulnerability
CrossSite Scripting (XSS) vulnerability
Multiple Insecure direct object references (IDOR) vulnerabilities