CVE-2019-25297

2026-01-16 [email protected]

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 16, 2026 - 21:15 nvd
N/A

Tags

WordPress XSS

Description

Poll, Survey & Quiz Maker Plugin by Opinion Stage Wordpress plugin versions prior to 19.6.25 contain a stored cross-site scripting (XSS) vulnerability via multiple parameters due to insufficient input validation and output escaping. An unauthenticated attacker can inject arbitrary script into content that executes when a victim views an affected page.

Analysis

Quiz Maker Plugin by Opinion Stage Wordpre versions up to 19.6.25 is affected by cross-site scripting (xss).

Technical Context

This vulnerability (CWE-79: Cross-site Scripting (XSS)) exists in the multiple component. Poll, Survey & Quiz Maker Plugin by Opinion Stage Wordpress plugin versions prior to 19.6.25 contain a stored cross-site scripting (XSS) vulnerability via multiple parameters due to insufficient input validation and output escaping. An unauthenticated attacker can inject arbitrary script into content that executes when a victim views an affected page.

Affected Products

Product: Quiz Maker Plugin by Opinion Stage Wordpre. Versions: up to 19.6.25. Component: multiple.

Remediation

Monitor vendor advisories for a patch. Implement output encoding and Content Security Policy headers.

Priority Score

0
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +0
POC: 0

Share

CVE-2019-25297 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy