The plugin does not properly check for authorisation, which could allow users with a role as low as author to perform unauthorised actions, such as delete and duplicate quiz they should not be able to
CPE | Name | Operator | Version |
---|---|---|---|
quiz-master-next | lt | 7.3.7 |