CVE-2026-13767 | expresstech Quiz and Survey Master Plugin up to 11.2.0 on WordPress AJAX handler qsm_ajax_save_pages sql injection
A vulnerability was found in expresstech Quiz and Survey Master Plugin up to 11.2.0 on WordPress and classified as critical. Affected is the function qsm_ajax_save_pages of the component AJAX handler. The manipulation of the argument pages results in sql injection.
This vulnerability was named CVE-2026-13767. The attack may be performed from remote. There is no available exploit.VulDB Recent EntriesRead More