Update the WordPress Quiz And Survey Master plugin to the latest available version (at least 7.3.5).
thiennv discovered and reported this Insecure Direct Object References (IDOR) vulnerability in WordPress Quiz And Survey Master Plugin. An insecure direct object reference vulnerability could allow a malicious actor to bypass authorization, authentication, access sensitive files/folders or interact with the database. This vulnerability has been fixed in version 7.3.5.
Unauth. iFrame Injection vulnerability via Paragraph and Short Answer
Improper Input Validation vulnerability
Sensitive Information Disclosure vulnerability
CrossSite Scripting (XSS) vulnerability
Multiple Insecure direct object references (IDOR) vulnerabilities