A vulnerability was found in Quiz and Survey Master Plugin up to 9.0.1 on WordPress. It has been rated as critical. Affected by this issue is the function
qsm_bulk_delete_question_from_database
. The manipulation of the argument question_id leads to sql injection.
This vulnerability is handled as CVE-2024-5606. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.