Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter.Referenceshttp://www.johnleitch.net/Vulnerabilities/WordPress.Survery.And.Quiz.Tool.1.2.1.Reflected.Cross-site.Scripting/57http://secunia.com/advisories/42196http://osvdb.org/69074http://packetstormsecurity.org/1011-exploits/wpsurvey-xss.txthttps://exchange.xforce.ibmcloud.com/vulnerabilities/63056
