ByteOS Network

CVE-2024-37921

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.3||MEDIUM

EPSS-0.18% / 38.60%

||

7 Day CHG~0.00%

Published-01 Nov, 2024 | 14:18

Updated-28 Apr, 2026 | 16:10

WordPress Chained Quiz plugin <= 1.3.2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kiboko Labs Chained Quiz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chained Quiz: from n/a through 1.3.2.8.

Vendor-Kiboko Labs kibokolabs

Product-Chained Quiz chained_quiz

CWE ID-CWE-862

Missing Authorization

CVE-2024-37446

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.9||MEDIUM

EPSS-0.11% / 28.27%

||

7 Day CHG~0.00%

Published-21 Jul, 2024 | 22:19

Updated-28 Apr, 2026 | 16:09

WordPress Chained Quiz plugin <= 1.3.2.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kiboko Labs Chained Quiz allows Stored XSS.This issue affects Chained Quiz: from n/a through 1.3.2.8.

Vendor-kibokolabs Kiboko Labs

Product-chained_quiz Chained Quiz

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2024-34823

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.12% / 30.66%

||

7 Day CHG~0.00%

Published-10 May, 2024 | 08:21

Updated-28 Apr, 2026 | 16:09

WordPress Arigato Autoresponder and Newsletter plugin <= 2.7.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter.This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.3.

Vendor-Kiboko Labs kibokolabs

Product-Arigato Autoresponder and Newsletter arigato_autoresponder_and_newsletter

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)

CVE-2023-47686

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.17% / 37.93%

||

7 Day CHG~0.00%

Published-16 Nov, 2023 | 22:44

Updated-28 Apr, 2026 | 16:08

WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.2.2 versions.

Vendor-kibokolabs Kiboko Labs

Product-arigato_autoresponder_and_newsletter Arigato Autoresponder and Newsletter

CWE ID-CWE-352

Cross-Site Request Forgery (CSRF)

CVE-2023-30483

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.1||HIGH

EPSS-0.08% / 23.92%

||

7 Day CHG~0.00%

Published-14 Aug, 2023 | 13:42

Updated-28 Apr, 2026 | 16:08

WordPress Watu Quiz Plugin <= 3.3.9.2 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.9.2 versions.

Vendor-kibokolabs Kiboko Labs

Product-watu_quiz Watu Quiz

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-25020

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.1||HIGH

EPSS-0.20% / 41.70%

||

7 Day CHG~0.00%

Published-07 Apr, 2023 | 11:08

Updated-28 Apr, 2026 | 16:08

WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.

Vendor-kibokolabs Kiboko Labs

Product-arigato_autoresponder_and_newsletter Arigato Autoresponder and Newsletter

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-25031

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.9||MEDIUM

EPSS-0.21% / 42.77%

||

7 Day CHG~0.00%

Published-07 Apr, 2023 | 11:01

Updated-28 Apr, 2026 | 16:08

WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1 versions.

Vendor-kibokolabs Kiboko Labs

Product-arigato_autoresponder_and_newsletter Arigato Autoresponder and Newsletter

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-25027

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.9||MEDIUM

EPSS-0.21% / 42.77%

||

7 Day CHG~0.00%

Published-07 Apr, 2023 | 10:46

Updated-28 Apr, 2026 | 16:08

WordPress Chained Quiz Plugin <= 1.3.2.5 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Chained Quiz plugin <= 1.3.2.5 versions.

Vendor-kibokolabs Kiboko Labs

Product-chained_quiz Chained Quiz

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-25022

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.9||MEDIUM

EPSS-0.21% / 42.77%

||

7 Day CHG~0.00%

Published-07 Apr, 2023 | 10:40

Updated-28 Apr, 2026 | 16:08

WordPress Watu Quiz Plugin <= 3.3.8 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Watu Quiz plugin <= 3.3.8 versions.

Vendor-kibokolabs Kiboko Labs

Product-watu_quiz Watu Quiz

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-25061

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-6.5||MEDIUM

EPSS-0.18% / 39.33%

||

7 Day CHG~0.00%

Published-07 Apr, 2023 | 08:35

Updated-28 Apr, 2026 | 16:08

WordPress Arigato Autoresponder and Newsletter Plugin <= 2.7.1.1 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Arigato Autoresponder and Newsletter plugin <= 2.7.1.1 versions.

Vendor-kibokolabs Kiboko Labs

Product-arigato_autoresponder_and_newsletter Arigato Autoresponder and Newsletter

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2023-24383

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-5.9||MEDIUM

EPSS-0.30% / 53.27%

||

7 Day CHG~0.00%

Published-06 Apr, 2023 | 10:12

Updated-28 Apr, 2026 | 16:08

WordPress Namaste! LMS Plugin <= 2.5.9.1 is vulnerable to Cross Site Scripting (XSS)

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kiboko Labs Namaste! LMS plugin <= 2.5.9.1 versions.

Vendor-kibokolabs Kiboko Labs

Product-namaste\!_lms Namaste! LMS

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Kiboko Labs

Source -

BOS Name -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -