Description
WordPress Plugin SS Quiz is prone to a cross-site request forgery vulnerability and a security bypass vulnerability. An attacker can exploit these issues to perform unauthorized actions in the context of a user's active session or to bypass security restrictions and gain unauthorized access to the application; other attacks are also possible. WordPress Plugin SS Quiz version 1.11 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.12 or latest
References
Related Vulnerabilities
WordPress Plugin Media from FTP PHP Object Injection (9.79)
WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.4.0)
WordPress Plugin WordPress PDF Light Viewer Command Injection (1.4.11)
WordPress Plugin WPUpper Share Buttons Cross-Site Scripting (3.42)
Joomla Use of Insufficiently Random Values Vulnerability (CVE-2012-1562)