
Analysis Report · Folder Analysis cache/quiz-master-next_10.3.1 → cache/quiz-master-next_10.3.2 — CVE-2025-9637

Shared security patch analysis results

Mode: patchdiff · AI: claude_cli (haiku)
CVE Security Analysis & Writeups (AI-generated · per CVE)

Comprehensive security analysis generated by AI for each confirmed CVE match. Click on a CVE to view the detailed writeup including vulnerability background, technical details, patch analysis, and PoC guide.

CVE-2025-9637 (NVD) · AI-Generated Analysis
php/classes/class-qmn-quiz-manager.php: AI flagged 3 vulnerabilities (1 false positive, 2 true positives) · CVE-2025-9637
--- cache/quiz-master-next_10.3.1/php/classes/class-qmn-quiz-manager.php	2026-01-08 00:36:12.881987684 +0000+++ cache/quiz-master-next_10.3.2/php/classes/class-qmn-quiz-manager.php	2026-01-08 00:36:31.395108363 +0000@@ -74,8 +74,6 @@ 		add_shortcode( 'qsm_result', array( $this, 'shortcode_display_result' ) ); 		add_action( 'wp_ajax_qmn_process_quiz', array( $this, 'ajax_submit_results' ) ); 		add_action( 'wp_ajax_nopriv_qmn_process_quiz', array( $this, 'ajax_submit_results' ) );-		add_action( 'wp_ajax_qsm_get_quiz_to_reload', array( $this, 'qsm_get_quiz_to_reload' ) );-		add_action( 'wp_ajax_nopriv_qsm_get_quiz_to_reload', array( $this, 'qsm_get_quiz_to_reload' ) ); 		add_action( 'wp_ajax_nopriv_qsm_create_quiz_nonce', array( $this, 'qsm_create_quiz_nonce' ) ); 		add_action( 'wp_ajax_qsm_create_quiz_nonce', array( $this, 'qsm_create_quiz_nonce' ) ); 
@@ -86,7 +84,7 @@ 		add_action( 'wp_ajax_qsm_clear_audit_data', array( $this, 'qsm_clear_audit_data' ) );  		add_action( 'init', array( $this, 'qsm_process_background_email' ) );-		add_action('wp_ajax_nopriv_qsm_ajax_login', array( $this, 'qsm_ajax_login' ) );+		add_action( 'wp_ajax_nopriv_qsm_ajax_login', array( $this, 'qsm_ajax_login' ) );  		// Failed submission resubmit or trash 		add_action( 'wp_ajax_qsm_action_failed_submission_table', array( $this, 'process_action_failed_submission_table' ) );@@ -114,7 +112,7 @@ 			global $mlwQuizMasterNext, $wpdb; 			// Get failed alter table query list. 			$failed_queries = $mlwQuizMasterNext->get_failed_alter_table_queries();-			$query_index = ! empty( $_POST['query'] ) ? sanitize_text_field( wp_unslash( $_POST['query'] ) ) : 0;+			$query_index    = ! empty( $_POST['query'] ) ? sanitize_text_field( wp_unslash( $_POST['query'] ) ) : 0; 			if ( ! empty( $failed_queries ) && is_array( $failed_queries ) && isset( $failed_queries[ $query_index ] ) ) { 				$result = $mlwQuizMasterNext->wpdb_alter_table_query( $failed_queries[ $query_index ] ); 				// exit loop if query failed to execute@@ -125,9 +123,9 @@ 							'message' => $wpdb->last_error, 						) 					);-				}else {-					if ( array_key_exists($query_index, $failed_queries) ) {-						unset($failed_queries[ $query_index ]);+				} else {+					if ( array_key_exists( $query_index, $failed_queries ) ) {+						unset( $failed_queries[ $query_index ] ); 					} 					update_option( 'qmn_failed_alter_table_queries', $failed_queries ); 					wp_send_json_success(@@ -147,97 +145,97 @@ 	 * @since 9.0.2 	 * @return void 	 */-    public function process_action_failed_submission_table() {+	public function process_action_failed_submission_table() { -        if ( empty( $_POST['post_id'] ) || empty( $_POST['quiz_action'] ) || ! function_exists( 'is_admin' ) || ! is_admin() || empty( $_POST['qmnnonce'] ) || ! 
wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['qmnnonce'] ) ), 'qmn_failed_submission' ) ) {-            wp_send_json_error(-                array(-                    'status'  => 'error',-                    'message' => __( 'Missing or incorrect input', 'quiz-master-next' ),-                )-            );-        }--        $post_ids = is_array( $_POST['post_id'] ) ? array_map( 'sanitize_key', wp_unslash( $_POST['post_id'] ) ) : array( sanitize_key( wp_unslash( $_POST['post_id'] ) ) );-        $action   = wp_unslash( sanitize_key( $_POST['quiz_action'] ) );-        if ( ! empty( $post_ids ) ) {-            foreach ( $post_ids as $postID ) {--                $postID = intval( $postID );--                // Continue if postID not valid-                if ( 0 >= $postID ) {-                    continue;-                }+		if ( empty( $_POST['post_id'] ) || empty( $_POST['quiz_action'] ) || ! function_exists( 'is_admin' ) || ! is_admin() || empty( $_POST['qmnnonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_POST['qmnnonce'] ) ), 'qmn_failed_submission' ) ) {+			wp_send_json_error(+				array(+					'status'  => 'error',+					'message' => __( 'Missing or incorrect input', 'quiz-master-next' ),+				)+			);+		} -                $data = get_post_meta( $postID, $this->meta_key, true );+		$post_ids = is_array( $_POST['post_id'] ) ? array_map( 'sanitize_key', wp_unslash( $_POST['post_id'] ) ) : array( sanitize_key( wp_unslash( $_POST['post_id'] ) ) );+		$action   = wp_unslash( sanitize_key( $_POST['quiz_action'] ) );+		if ( ! 
empty( $post_ids ) ) {+			foreach ( $post_ids as $postID ) { -                if ( empty( $data ) ) {-                    wp_send_json_error(-                        array(-                            'status'  => 'error',-                            'message' => __( 'Details not found', 'quiz-master-next' ),-                            'data'    => $data,-                        )-                    );-                }+				$postID = intval( $postID );++				// Continue if postID not valid+				if ( 0 >= $postID ) {+					continue;+				} -                $data = maybe_unserialize( $data );+				$data = get_post_meta( $postID, $this->meta_key, true ); -                // Retrieve action.-                if ( 'retrieve' === $action ) {-                    $res = $this->add_quiz_results( $data, 'resubmit' );-                    if ( false !== $res ) {-                        $data['processed'] = 1;-                        // Mark submission processed.-                        update_post_meta( $postID, $this->meta_key, maybe_serialize( $data ) );--                        // return success message.-                        wp_send_json_success(-                            array(-                                'res'     => $res,-                                'status'  => 'success',-                                'message' => __( 'Quiz resubmitted successfully.', 'quiz-master-next' ),-                            )-                        );-                    } else {-                        // return error details.-                        global $wpdb;-                        wp_send_json_error(-                            array(-                                'status'  => 'error',-                                'message' => __( 'The system generated following error while resubmitting the result:', 'quiz-master-next' ) . 
$wpdb->last_error,-                            )-                        );-                    }-                } elseif ( 'trash' === $action ) {--                    // Change Error log post status to trash. Error log contain failed submission data as a post meta-                    wp_update_post(-                        array(-                            'ID'          => $postID,-                            'post_status' => 'trash',-                        )-                    );--                    // return success message.-                    wp_send_json_success(-                        array(-                            'status'  => 'success',-                            'message' => __( 'Quiz deleted successfully.', 'quiz-master-next' ),-                        )-                    );-                }-            }-        }+				if ( empty( $data ) ) {+					wp_send_json_error(+						array(+							'status'  => 'error',+							'message' => __( 'Details not found', 'quiz-master-next' ),+							'data'    => $data,+						)+					);+				}++				$data = maybe_unserialize( $data );++				// Retrieve action.+				if ( 'retrieve' === $action ) {+					$res = $this->add_quiz_results( $data, 'resubmit' );+					if ( false !== $res ) {+						$data['processed'] = 1;+						// Mark submission processed.+						update_post_meta( $postID, $this->meta_key, maybe_serialize( $data ) );++						// return success message.+						wp_send_json_success(+							array(+								'res'     => $res,+								'status'  => 'success',+								'message' => __( 'Quiz resubmitted successfully.', 'quiz-master-next' ),+							)+						);+					} else {+						// return error details.+						global $wpdb;+						wp_send_json_error(+							array(+								'status'  => 'error',+								'message' => __( 'The system generated following error while resubmitting the result:', 'quiz-master-next' ) . 
$wpdb->last_error,+							)+						);+					}+				} elseif ( 'trash' === $action ) {++					// Change Error log post status to trash. Error log contain failed submission data as a post meta+					wp_update_post(+						array(+							'ID'          => $postID,+							'post_status' => 'trash',+						)+					);++					// return success message.+					wp_send_json_success(+						array(+							'status'  => 'success',+							'message' => __( 'Quiz deleted successfully.', 'quiz-master-next' ),+						)+					);+				}+			}+		} -        wp_send_json_error(-            array(-                'status'  => 'error',-                'message' => __( 'Missing input', 'quiz-master-next' ),-            )-        );-    }+		wp_send_json_error(+			array(+				'status'  => 'error',+				'message' => __( 'Missing input', 'quiz-master-next' ),+			)+		);+	}  	/** 	 * @version 8.2.0@@ -247,10 +245,10 @@ 		$username = ! empty( $_POST['username'] ) ? sanitize_user( wp_unslash( $_POST['username'] ) ) : ''; 		$password = ! empty( $_POST['password'] ) ? sanitize_text_field( wp_unslash( $_POST['password'] ) ) : ''; -		$user = get_user_by('login', $username);+		$user = get_user_by( 'login', $username );  		if ( ! $user ) {-			$user = get_user_by('email', $username);+			$user = get_user_by( 'email', $username ); 			if ( ! $user ) { 				wp_send_json_error( array( 'message' => __( 'User not found! Please try again.', 'quiz-master-next' ) ) ); 			}@@ -261,7 +259,7 @@ 		// Check the password 		if ( ! wp_check_password( $password, $user->user_pass, $user_id ) ) { 			wp_send_json_error( array( 'message' => __( 'Incorrect username or password! 
Please try again.', 'quiz-master-next' ) ) );-		}else {+		} else { 			wp_send_json_success(); 		} 	}@@ -334,14 +332,14 @@ 	 */ 	public function display_shortcode( $atts ) { 		global $wpdb, $mlwQuizMasterNext;-		$shortcode_args  = shortcode_atts(+		$shortcode_args = shortcode_atts( 			array( 				'quiz'            => 0, 				'question_amount' => 0, 			), 			$atts 		);-		$shortcode_args = apply_filters('qsm_shortcode_before', $shortcode_args, $atts);+		$shortcode_args = apply_filters( 'qsm_shortcode_before', $shortcode_args, $atts ); 		// Quiz ID. 		$quiz            = intval( $shortcode_args['quiz'] ); 		$question_amount = intval( $shortcode_args['question_amount'] );@@ -353,8 +351,8 @@ 		}  		$qmn_quiz_options = $has_proper_quiz['qmn_quiz_options'];-		$qmn_quiz_options = apply_filters('qsm_quiz_option_before', $qmn_quiz_options);-		$return_display = '';+		$qmn_quiz_options = apply_filters( 'qsm_quiz_option_before', $qmn_quiz_options );+		$return_display   = '';  		ob_start(); 		if ( isset( $_GET['result_id'] ) && '' !== $_GET['result_id'] ) {@@ -392,7 +390,7 @@ 			wp_enqueue_style( 'dashicons' ); 			// The quiz_stye is misspelled because it has always been misspelled and fixing it would break many sites :(. 			if ( 'default' == $qmn_quiz_options->theme_selected ) {-				$return_display .= '<style type="text/css">' . preg_replace( '#<script(.*?)>(.*?)</script>#is', '', htmlspecialchars_decode( $qmn_quiz_options->quiz_stye, ENT_QUOTES) ) . '</style>';+				$return_display .= '<style type="text/css">' . preg_replace( '#<script(.*?)>(.*?)</script>#is', '', htmlspecialchars_decode( $qmn_quiz_options->quiz_stye, ENT_QUOTES ) ) . '</style>'; 				wp_enqueue_style( 'qmn_quiz_style', QSM_PLUGIN_CSS_URL . 
'/qmn_quiz.css', array(), $mlwQuizMasterNext->version ); 				wp_style_add_data( 'qmn_quiz_style', 'rtl', 'replace' ); 			} else {@@ -439,13 +437,13 @@ 					} 				} 			}-			$correct_answer_text = sanitize_text_field( $qmn_quiz_options->quick_result_correct_answer_text );-			$correct_answer_text = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $correct_answer_text, "quiz_quick_result_correct_answer_text-{$qmn_array_for_variables['quiz_id']}" );-			$wrong_answer_text = sanitize_text_field( $qmn_quiz_options->quick_result_wrong_answer_text );-			$wrong_answer_text = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $wrong_answer_text, "quiz_quick_result_wrong_answer_text-{$qmn_array_for_variables['quiz_id']}" );+			$correct_answer_text     = sanitize_text_field( $qmn_quiz_options->quick_result_correct_answer_text );+			$correct_answer_text     = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $correct_answer_text, "quiz_quick_result_correct_answer_text-{$qmn_array_for_variables['quiz_id']}" );+			$wrong_answer_text       = sanitize_text_field( $qmn_quiz_options->quick_result_wrong_answer_text );+			$wrong_answer_text       = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $wrong_answer_text, "quiz_quick_result_wrong_answer_text-{$qmn_array_for_variables['quiz_id']}" ); 			$quiz_processing_message = isset( $qmn_quiz_options->quiz_processing_message ) ? 
$mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->quiz_processing_message, "quiz_quiz_processing_message-{$qmn_array_for_variables['quiz_id']}" ) : '';-			$quiz_limit_choice = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->quiz_limit_choice, "quiz_quiz_limit_choice-{$qmn_array_for_variables['quiz_id']}" );-			$qmn_json_data = array(+			$quiz_limit_choice       = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->quiz_limit_choice, "quiz_quiz_limit_choice-{$qmn_array_for_variables['quiz_id']}" );+			$qmn_json_data           = array( 				'quiz_id'                            => $qmn_array_for_variables['quiz_id'], 				'quiz_name'                          => $qmn_array_for_variables['quiz_name'], 				'disable_answer'                     => $qmn_quiz_options->disable_answer_onselect,@@ -471,12 +469,12 @@ 				'not_allow_after_expired_time'       => $qmn_quiz_options->not_allow_after_expired_time, 				'scheduled_time_end'                 => strtotime( $qmn_quiz_options->scheduled_time_end ), 				'prevent_reload'                     => $qmn_quiz_options->prevent_reload,-				'limit_email_based_submission'       => isset($qmn_quiz_options->limit_email_based_submission) ? $qmn_quiz_options->limit_email_based_submission : 0,+				'limit_email_based_submission'       => isset( $qmn_quiz_options->limit_email_based_submission ) ? 
$qmn_quiz_options->limit_email_based_submission : 0, 				'total_user_tries'                   => $qmn_quiz_options->total_user_tries, 				'is_logged_in'                       => is_user_logged_in(), 			); -			$return_display = apply_filters( 'qmn_begin_shortcode', $return_display, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );+			$return_display   = apply_filters( 'qmn_begin_shortcode', $return_display, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args ); 			$qmn_quiz_options = apply_filters( 'qsm_quiz_options_before', $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );  			// Checks if we should be showing quiz or results page.@@ -486,40 +484,42 @@ 				$return_display .= $this->display_results( $qmn_quiz_options, $qmn_array_for_variables ); 			} -			$qmn_filtered_json = apply_filters( 'qmn_json_data', $qmn_json_data, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );-			$qmn_settings_array = maybe_unserialize( $qmn_quiz_options->quiz_settings );-			$quiz_options = maybe_unserialize( $qmn_settings_array['quiz_options'] );-			$correct_answer_logic = ! empty( $quiz_options['correct_answer_logic'] ) ? $quiz_options['correct_answer_logic'] : '';+			$qmn_filtered_json                  = apply_filters( 'qmn_json_data', $qmn_json_data, $qmn_quiz_options, $qmn_array_for_variables, $shortcode_args );+			$qmn_settings_array                 = maybe_unserialize( $qmn_quiz_options->quiz_settings );+			$quiz_options                       = maybe_unserialize( $qmn_settings_array['quiz_options'] );+			$correct_answer_logic               = ! empty( $quiz_options['correct_answer_logic'] ) ? $quiz_options['correct_answer_logic'] : ''; 			$encryption['correct_answer_logic'] = $correct_answer_logic;-			$enc_questions = array();+			$enc_questions                      = array(); 			if ( ! 
empty( $qpages_arr ) ) { 				foreach ( $qpages_arr as $item ) {-					$enc_questions = array_merge($enc_questions, $item['questions']);+					$enc_questions = array_merge( $enc_questions, $item['questions'] ); 				} 			}-			$enc_questions = implode(',', $enc_questions);-			$question_array = $wpdb->get_results(+			$enc_questions      = implode( ',', $enc_questions );+			$question_array     = $wpdb->get_results( 				"SELECT quiz_id, question_id, answer_array, question_answer_info, question_type_new, question_settings 				FROM {$wpdb->prefix}mlw_questions-				WHERE question_id IN ($enc_questions)", ARRAY_A);+				WHERE question_id IN ($enc_questions)",+				ARRAY_A+			); 			$questions_settings = array(); 			foreach ( $question_array as $key => $question ) {-				+ 				$unserialized_settings = maybe_unserialize( $question['question_settings'] );-				$question_type_new = $question['question_type_new'];+				$question_type_new     = $question['question_type_new']; 				if ( 11 == $question_type_new ) {-					$questions_settings[ $question['question_id'] ]['file_upload_type'] = $unserialized_settings['file_upload_type'];+					$questions_settings[ $question['question_id'] ]['file_upload_type']  = $unserialized_settings['file_upload_type']; 					$questions_settings[ $question['question_id'] ]['file_upload_limit'] = $unserialized_settings['file_upload_limit']; 				} 				$encryption[ $question['question_id'] ]['question_type_new'] = $question_type_new;-				$encryption[ $question['question_id'] ]['answer_array'] = maybe_unserialize( $question['answer_array'] );-				$encryption[ $question['question_id'] ]['settings'] = $unserialized_settings;+				$encryption[ $question['question_id'] ]['answer_array']      = maybe_unserialize( $question['answer_array'] );+				$encryption[ $question['question_id'] ]['settings']          = $unserialized_settings; 				$encryption[ $question['question_id'] ]['correct_info_text'] = isset( $question['question_answer_info'] ) ? 
html_entity_decode( $question['question_answer_info'] ) : ''; 				$encryption[ $question['question_id'] ]['correct_info_text'] = $mlwQuizMasterNext->pluginHelper->qsm_language_support( $encryption[ $question['question_id'] ]['correct_info_text'], "correctanswerinfo-{$question['question_id']}" ); 			} 			$qmn_filtered_json['questions_settings'] = $questions_settings;-			if ( ( isset($qmn_json_data['end_quiz_if_wrong']) && 0 < $qmn_json_data['end_quiz_if_wrong'] ) || ( ! empty( $qmn_json_data['enable_quick_result_mc'] ) && 1 == $qmn_json_data['enable_quick_result_mc'] ) || ( ! empty( $qmn_json_data['enable_quick_correct_answer_info'] ) && 0 != $qmn_json_data['enable_quick_correct_answer_info'] ) || ( ! empty( $qmn_json_data['ajax_show_correct'] ) && 1 == $qmn_json_data['ajax_show_correct'] ) ) {-				$quiz_id = $qmn_json_data['quiz_id'];+			if ( ( isset( $qmn_json_data['end_quiz_if_wrong'] ) && 0 < $qmn_json_data['end_quiz_if_wrong'] ) || ( ! empty( $qmn_json_data['enable_quick_result_mc'] ) && 1 == $qmn_json_data['enable_quick_result_mc'] ) || ( ! empty( $qmn_json_data['enable_quick_correct_answer_info'] ) && 0 != $qmn_json_data['enable_quick_correct_answer_info'] ) || ( ! empty( $qmn_json_data['ajax_show_correct'] ) && 1 == $qmn_json_data['ajax_show_correct'] ) ) {+				$quiz_id               = $qmn_json_data['quiz_id']; 				$qsm_inline_encrypt_js = ' 				if (encryptionKey === undefined) {                        var encryptionKey = {};@@ -533,12 +533,12 @@                 if (encryptedData === undefined) {                       var encryptedData = {};                 }-				encryptionKey['.$quiz_id.'] = "'.hash('sha256',time().$quiz_id).'";+				encryptionKey[' . $quiz_id . '] = "' . hash( 'sha256', time() . $quiz_id ) . 
'"; -				data['.$quiz_id.'] = '.wp_json_encode($encryption).';-				jsonString['.$quiz_id.'] = JSON.stringify(data['.$quiz_id.']);-				encryptedData['.$quiz_id.'] = CryptoJS.AES.encrypt(jsonString['.$quiz_id.'], encryptionKey['.$quiz_id.']).toString();';-				wp_add_inline_script('qsm_encryption', $qsm_inline_encrypt_js, 'after');+				data[' . $quiz_id . '] = ' . wp_json_encode( $encryption ) . ';+				jsonString[' . $quiz_id . '] = JSON.stringify(data[' . $quiz_id . ']);+				encryptedData[' . $quiz_id . '] = CryptoJS.AES.encrypt(jsonString[' . $quiz_id . '], encryptionKey[' . $quiz_id . ']).toString();';+				wp_add_inline_script( 'qsm_encryption', $qsm_inline_encrypt_js, 'after' ); 			}  			$return_display .= '<script>window.qmn_quiz_data["' . $qmn_json_data['quiz_id'] . '"] = ' . wp_json_encode( $qmn_filtered_json ) . '@@ -648,7 +648,7 @@ 		$randomness_order = $mlwQuizMasterNext->pluginHelper->qsm_get_randomization_modes( $quiz_options->randomness_order ); 		// Checks if the questions should be randomized. 		$cat_query = '';-		if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) {+		if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) { 			$order_by_sql = 'ORDER BY rand()'; 			$categories   = isset( $quiz_options->randon_category ) ? $quiz_options->randon_category : ''; 			if ( $categories && ! empty( $quiz_options->question_per_category ) ) {@@ -674,7 +674,7 @@ 		// If using newer pages system from 5.2. 		$pages = $mlwQuizMasterNext->pluginHelper->get_quiz_setting( 'pages', array() ); 		// Get all question IDs needed.-		$total_pages           = is_countable($pages) ? count( $pages ) : 0;+		$total_pages           = is_countable( $pages ) ? count( $pages ) : 0; 		$category_question_ids = array(); 		if ( $multiple_category_system && ! 
empty( $exploded_arr ) ) { 			$term_ids      = implode( ', ', $exploded_arr );@@ -698,15 +698,15 @@ 			} 			// check If we should load a specific number of question 			if ( ( '' == $quiz_options->limit_category_checkbox || 0 == $quiz_options->limit_category_checkbox ) && 0 != $quiz_options->question_per_category && $is_quiz_page ) {-				$categories   = QSM_Questions::get_quiz_categories( $quiz_id );-				$category_ids = ( isset( $categories['list'] ) ? array_keys( $categories['list'] ) : array() );+				$categories      = QSM_Questions::get_quiz_categories( $quiz_id );+				$category_ids    = ( isset( $categories['list'] ) ? array_keys( $categories['list'] ) : array() ); 				$categories_tree = ( isset( $categories['tree'] ) ? $categories['tree'] : array() );  				if ( ! empty( $category_ids ) ) { 					$term_ids    = implode( ',', $category_ids ); 					$question_id = implode( ',', $question_ids ); 					$term_ids    = ( '' !== $quiz_options->randon_category ) ? $quiz_options->randon_category : $term_ids;-					$tq_ids = $wpdb->get_results(+					$tq_ids      = $wpdb->get_results( 						"SELECT DISTINCT qt.term_id, qt.question_id 						FROM {$wpdb->prefix}mlw_question_terms AS qt 						JOIN {$wpdb->prefix}mlw_questions AS q ON qt.question_id = q.question_id@@ -717,7 +717,7 @@ 						", 						ARRAY_A 					);-					$random = array();+					$random      = array(); 					if ( ! 
empty( $tq_ids ) ) { 						$term_data = array(); 						foreach ( $tq_ids as $key => $val ) {@@ -731,7 +731,7 @@ 							} 						} 						foreach ( $term_data as $tv ) {-							if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) {+							if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) { 								shuffle( $tv ); 							} 							$random = array_merge( $random, array_slice( array_unique( $tv ), 0, intval( $quiz_options->question_per_category ) ) );@@ -739,24 +739,24 @@ 					} 					$question_ids = array_unique( $random ); 				}-			} elseif ( 1 == $quiz_options->limit_category_checkbox && ! empty(maybe_unserialize($quiz_options->select_category_question)) && $is_quiz_page ) {-				$category_question_limit = maybe_unserialize($quiz_options->select_category_question);-				$categories   = QSM_Questions::get_quiz_categories( $quiz_id );-				$category_ids = ( isset( $categories['list'] ) ? array_keys( $categories['list'] ) : array() );+			} elseif ( 1 == $quiz_options->limit_category_checkbox && ! empty( maybe_unserialize( $quiz_options->select_category_question ) ) && $is_quiz_page ) {+				$category_question_limit = maybe_unserialize( $quiz_options->select_category_question );+				$categories              = QSM_Questions::get_quiz_categories( $quiz_id );+				$category_ids            = ( isset( $categories['list'] ) ? array_keys( $categories['list'] ) : array() ); 				if ( ! 
empty( $category_ids ) ) { 					$question_limit_sql = $category_question_limit['question_limit_key'];-					$tq_ids = array();+					$tq_ids             = array(); 					foreach ( $category_question_limit['category_select_key'] as $key => $category ) { 						if ( empty( $category ) || empty( $category_question_limit['question_limit_key'][ $key ] ) ) { 							continue; 						}-						$limit = $category_question_limit['question_limit_key'][ $key ];+						$limit       = $category_question_limit['question_limit_key'][ $key ]; 						$exclude_ids = 0;-						if ( ! empty( $tq_ids ) && ! empty( (array_column(array_merge(...array_map('array_merge', $tq_ids)),'question_id')) ) ) {-							$exclude_ids = implode(',', array_column(array_merge(...array_map('array_merge', $tq_ids)),'question_id') );+						if ( ! empty( $tq_ids ) && ! empty( ( array_column( array_merge( ...array_map( 'array_merge', $tq_ids ) ), 'question_id' ) ) ) ) {+							$exclude_ids = implode( ',', array_column( array_merge( ...array_map( 'array_merge', $tq_ids ) ), 'question_id' ) ); 						} 						$category_order_sql = '';-						if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) {+						if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) { 							$category_order_sql = 'ORDER BY rand()'; 						} 						$tq_ids[] = $wpdb->get_results(@@ -768,13 +768,13 @@ 								AND qt.`taxonomy` = 'qsm_category' 								AND qt.`question_id` NOT IN ($exclude_ids) 								AND q.`deleted` = 0-							".esc_sql( $category_order_sql )."+							" . esc_sql( $category_order_sql ) . 
" 							LIMIT $limit", 							ARRAY_A 						); 					}-					$final_result = array_column(array_merge(...array_map('array_merge', $tq_ids)),'question_id');-					if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) {+					$final_result = array_column( array_merge( ...array_map( 'array_merge', $tq_ids ) ), 'question_id' );+					if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) { 						shuffle( $final_result ); 					} 					$question_ids = $final_result;@@ -782,22 +782,22 @@ 			} 			$question_ids = apply_filters( 'qsm_load_questions_ids', $question_ids, $quiz_id, $quiz_options ); 			$question_sql = implode( ',', $question_ids );-			if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) {-				if ( isset( $_COOKIE[ 'question_ids_'.$quiz_id ] ) && empty( $quiz_options->question_per_category ) && empty( $quiz_options->limit_category_checkbox ) ) {-					$question_sql = sanitize_text_field( wp_unslash( $_COOKIE[ 'question_ids_'.$quiz_id ] ) );-					if ( ! preg_match("/^\d+(,\d+)*$/", $question_sql) ) {+			if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) {+				if ( isset( $_COOKIE[ 'question_ids_' . $quiz_id ] ) && empty( $quiz_options->question_per_category ) && empty( $quiz_options->limit_category_checkbox ) ) {+					$question_sql = sanitize_text_field( wp_unslash( $_COOKIE[ 'question_ids_' . $quiz_id ] ) );+					if ( ! preg_match( '/^\d+(,\d+)*$/', $question_sql ) ) { 						$question_sql = implode( ',', $question_ids ); 					}-				}else {+				} else { 					$question_ids = QMNPluginHelper::qsm_shuffle_assoc( $question_ids ); 					$question_sql = implode( ',', $question_ids ); 				}-				$order_by_sql = 'ORDER BY FIELD(question_id,'. esc_sql( $question_sql ) .')';+				$order_by_sql = 'ORDER BY FIELD(question_id,' . esc_sql( $question_sql ) . 
')'; 			}-			$query     = $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}mlw_questions WHERE question_id IN (%1s) %2s %3s %4s", esc_sql( $question_sql ), esc_sql( $cat_query ), esc_sql( $order_by_sql ), esc_sql( $limit_sql ) );-			$questions = $wpdb->get_results( $query );+			$query          = $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}mlw_questions WHERE question_id IN (%1s) %2s %3s %4s", esc_sql( $question_sql ), esc_sql( $cat_query ), esc_sql( $order_by_sql ), esc_sql( $limit_sql ) );+			$questions      = $wpdb->get_results( $query ); 			$question_order = array();-			if ( ! empty($question_ids) ) {+			if ( ! empty( $question_ids ) ) { 				foreach ( $question_ids as $question_id_order ) { 					foreach ( $questions as $obj ) { 						if ( $obj->question_id == $question_id_order ) {@@ -811,7 +811,7 @@ 			// If we are not using randomization, we need to put the questions in the order of the new question editor. 			// If a user has saved the pages in the question editor but still uses the older pagination options 			// Then they will make it here. So, we need to order the questions based on the new editor.-			if ( ( ! in_array( 'questions', $randomness_order ) && ! in_array( 'pages', $randomness_order ) ) && 0 == $quiz_options->question_per_category && 0 == $quiz_options->limit_category_checkbox ) {+			if ( ( ! in_array( 'questions', $randomness_order, true ) && ! in_array( 'pages', $randomness_order, true ) ) && 0 == $quiz_options->question_per_category && 0 == $quiz_options->limit_category_checkbox ) { 				$ordered_questions = array();  				foreach ( $questions as $question ) {@@ -834,24 +834,23 @@ 			$questions = $wpdb->get_results( $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}mlw_questions WHERE quiz_id=%d AND deleted=0 %1s %2s %3s", $quiz_id, $question_sql, $order_by_sql, $limit_sql ) );  		}-		if (-			( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) &&-			! empty($questions) &&-			is_array($questions) &&-			! 
isset($_COOKIE[ 'question_ids_' . $quiz_id ])+		if ( ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) &&+			! empty( $questions ) &&+			is_array( $questions ) &&+			! isset( $_COOKIE[ 'question_ids_' . $quiz_id ] ) 		) { 			$question_ids = array(); 			foreach ( $questions as $question ) { 				$question_ids[] = $question->question_id; 			} -			$question_sql = implode(',', array_unique($question_ids)); // Prevent duplicates+			$question_sql = implode( ',', array_unique( $question_ids ) ); // Prevent duplicates 			?> 			<script> 				const d = new Date(); 				d.setTime(d.getTime() + (365 * 24 * 60 * 60 * 1000)); // Set cookie for 1 year 				let expires = "expires=" + d.toUTCString();-				document.cookie = "question_ids_<?php echo esc_js($quiz_id); ?>=" + "<?php echo esc_js($question_sql); ?>" + "; " + expires + "; path=/";+				document.cookie = "question_ids_<?php echo esc_js( $quiz_id ); ?>=" + "<?php echo esc_js( $question_sql ); ?>" + "; " + expires + "; path=/"; 			</script> 			<?php 		}@@ -950,7 +949,7 @@ 			'maxlength_error_text' => $mlwQuizMasterNext->pluginHelper->qsm_language_support( $options->maxlength_error_text, "quiz_maxlength_error_text-{$options->quiz_id}" ), 			'recaptcha_error_text' => __( 'ReCaptcha is missing', 'quiz-master-next' ), 		);-		$qmn_json_data = apply_filters( 'qsm_json_error_message', $qmn_json_data ,$options);+		$qmn_json_data                   = apply_filters( 'qsm_json_error_message', $qmn_json_data, $options ); 		wp_enqueue_script( 'progress-bar', QSM_PLUGIN_JS_URL . '/progressbar.min.js', array(), '1.1.0', true ); 		wp_enqueue_script( 'jquery-ui-slider' ); 		wp_enqueue_script( 'jquery-ui-slider-rtl-js', QSM_PLUGIN_JS_URL . 
'/jquery.ui.slider-rtl.js', array(), $mlwQuizMasterNext->version, true );@@ -994,41 +993,44 @@ 		$saved_quiz_theme = $mlwQuizMasterNext->theme_settings->get_active_quiz_theme_path( $options->quiz_id ); 		$randomness_order = $mlwQuizMasterNext->pluginHelper->qsm_get_randomization_modes( $options->randomness_order ); 		$randomness_class = ! empty( $randomness_order ) ? 'random' : '';-		?><div class='qsm-quiz-container qsm-quiz-container-<?php echo esc_attr($quiz_data['quiz_id']); ?> qmn_quiz_container mlw_qmn_quiz <?php echo esc_attr( $auto_pagination_class ); ?> quiz_theme_<?php echo esc_attr( $saved_quiz_theme . ' ' . $randomness_class ); ?> '>+		?>+		<div class='qsm-quiz-container qsm-quiz-container-<?php echo esc_attr( $quiz_data['quiz_id'] ); ?> qmn_quiz_container mlw_qmn_quiz <?php echo esc_attr( $auto_pagination_class ); ?> quiz_theme_<?php echo esc_attr( $saved_quiz_theme . ' ' . $randomness_class ); ?> '> 		<?php-			if ( 'default' == $saved_quiz_theme ) {-				$featured_image       = get_option( "quiz_featured_image_$options->quiz_id" );-				$qsm_global_settings   = (array) get_option( 'qmn-settings' );-				$qsm_preloader_setting = isset( $qsm_global_settings['enable_preloader'] ) ? $qsm_global_settings['enable_preloader'] : '';+		if ( 'default' == $saved_quiz_theme ) {+			$featured_image        = get_option( "quiz_featured_image_$options->quiz_id" );+			$qsm_global_settings   = (array) get_option( 'qmn-settings' );+			$qsm_preloader_setting = isset( $qsm_global_settings['enable_preloader'] ) ? $qsm_global_settings['enable_preloader'] : ''; -				if ( isset( $qsm_preloader_setting ) && $qsm_preloader_setting > 0 && ! empty( $featured_image ) ) {-					echo '<link rel="preload" href="' . esc_url( $featured_image ) . '" as="image">';-				}+			if ( isset( $qsm_preloader_setting ) && $qsm_preloader_setting > 0 && ! empty( $featured_image ) ) {+				echo '<link rel="preload" href="' . esc_url( $featured_image ) . 
'" as="image">';+			} -				if ( "" != $featured_image ) {-					?>-					<img class="qsm-quiz-default-feature-image" src="<?php echo esc_url( $featured_image ); ?>" alt="<?php esc_attr_e( 'Featured Image', 'quiz-master-next' ); ?>" />-				<?php }+			if ( '' != $featured_image ) { 				?>-			<?php }+					<img class="qsm-quiz-default-feature-image" src="<?php echo esc_url( $featured_image ); ?>" alt="<?php esc_attr_e( 'Featured Image', 'quiz-master-next' ); ?>" />+				<?php+			}+			?>+			<?php+		} 			echo apply_filters( 'qsm_display_before_form', '', $options, $quiz_data ); 			$quiz_form_action = isset( $_SERVER['REQUEST_URI'] ) ? esc_url_raw( wp_unslash( $_SERVER['REQUEST_URI'] ) ) : '';-			?>+		?> 			<form name="quizForm<?php echo esc_attr( $quiz_data['quiz_id'] ); ?>" id="quizForm<?php echo esc_attr( $quiz_data['quiz_id'] ); ?>" action="<?php echo esc_url( $quiz_form_action ); ?>" method="POST" class="qsm-quiz-form qmn_quiz_form mlw_quiz_form" novalidate enctype="multipart/form-data"> 				<input type="hidden" name="qsm_hidden_questions" id="qsm_hidden_questions" value="">-				<input type="hidden" name="qsm_nonce" id="qsm_nonce_<?php echo esc_attr($quiz_data['quiz_id']); ?>" value="<?php echo esc_attr( wp_create_nonce( 'qsm_submit_quiz_' . intval( $quiz_data['quiz_id'] ) ) );?>">-				<input type="hidden" name="qsm_unique_key" id="qsm_unique_key_<?php echo esc_attr($quiz_data['quiz_id']); ?>" value="<?php echo esc_attr( uniqid() ); ?>">+				<input type="hidden" name="qsm_nonce" id="qsm_nonce_<?php echo esc_attr( $quiz_data['quiz_id'] ); ?>" value="<?php echo esc_attr( wp_create_nonce( 'qsm_submit_quiz_' . 
intval( $quiz_data['quiz_id'] ) ) ); ?>">+				<input type="hidden" name="qsm_unique_key" id="qsm_unique_key_<?php echo esc_attr( $quiz_data['quiz_id'] ); ?>" value="<?php echo esc_attr( uniqid() ); ?>"> 				<div id="mlw_error_message" class="qsm-error-message qmn_error_message_section"></div> 				<span id="mlw_top_of_quiz"></span> 				<?php 				echo apply_filters( 'qmn_begin_quiz_form', '', $options, $quiz_data ); 				// If deprecated pagination setting is not used, use new system... 				$pages = $mlwQuizMasterNext->pluginHelper->get_quiz_setting( 'pages', array() );-				if ( in_array( 'answers', $randomness_order ) ) {+				if ( in_array( 'answers', $randomness_order, true ) ) { 					global $quiz_answer_random_ids; 					$quiz_answer_random_ids = array(); 				}-				if ( 0 == $options->question_from_total && 0 == $options->pagination && is_countable($pages) && 0 !== count( $pages ) ) {+				if ( 0 == $options->question_from_total && 0 == $options->pagination && is_countable( $pages ) && 0 !== count( $pages ) ) { 					$this->display_pages( $options, $quiz_data ); 				} else { 					// ... else, use older system.@@ -1052,7 +1054,7 @@ 					<input type="hidden" class="qmn_quiz_id" name="qmn_quiz_id" id="qmn_quiz_id" value="<?php echo esc_attr( $quiz_data['quiz_id'] ); ?>" /> 					<input type='hidden' name='complete_quiz' value='confirmation' /> 					<?php-					if ( in_array( 'answers', $randomness_order ) ) {+					if ( in_array( 'answers', $randomness_order, true ) ) { 						?> 						<input type="hidden" name="quiz_answer_random_ids" id="quiz_answer_random_ids_<?php echo esc_attr( $quiz_data['quiz_id'] ); ?>" value="<?php echo esc_attr( maybe_serialize( $quiz_answer_random_ids ) ); ?>" /> 						<?php@@ -1091,17 +1093,17 @@ 		$contact_fields         = QSM_Contact_Manager::load_fields(); 		$animation_effect       = isset( $options->quiz_animation ) && '' !== $options->quiz_animation ? ' animated ' . 
$options->quiz_animation : ''; 		$enable_pagination_quiz = isset( $options->enable_pagination_quiz ) && 1 == $options->enable_pagination_quiz ? true : false;-		$randomness_order 		= $mlwQuizMasterNext->pluginHelper->qsm_get_randomization_modes( $options->randomness_order );-		if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) && is_array( $pages ) && empty( $options->question_per_category ) ) {-			if ( in_array( 'pages', $randomness_order ) ) {+		$randomness_order       = $mlwQuizMasterNext->pluginHelper->qsm_get_randomization_modes( $options->randomness_order );+		if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) && is_array( $pages ) && empty( $options->question_per_category ) ) {+			if ( in_array( 'pages', $randomness_order, true ) ) { 				$pages = QMNPluginHelper::qsm_shuffle_assoc( $pages ); 			} 			$question_list_array = array(); 			foreach ( $pages as &$question_ids ) {-				if ( in_array( 'questions', $randomness_order ) ) {+				if ( in_array( 'questions', $randomness_order, true ) ) { 					shuffle( $question_ids ); 				}-				$question_list_array = array_merge($question_list_array, $question_ids);+				$question_list_array = array_merge( $question_list_array, $question_ids ); 			} 			$question_list_str = implode( ',', $question_list_array ); 			?>@@ -1109,7 +1111,7 @@ 				const d = new Date(); 				d.setTime(d.getTime() + (365*24*60*60*1000)); 				let expires = "expires="+ d.toUTCString();-				document.cookie = "question_ids_<?php echo esc_attr( $options->quiz_id ); ?> = <?php echo esc_attr( $question_list_str ) ?>; "+expires+"; path=/";+				document.cookie = "question_ids_<?php echo esc_attr( $options->quiz_id ); ?> = <?php echo esc_attr( $question_list_str ); ?>; "+expires+"; path=/"; 			</script> 			<?php 		}@@ -1197,7 +1199,7 @@ 					</div> 				<?php 			}-			if ( 0 == $options->comment_section && "" !== $options->comment_section ) {+			if ( 0 == 
$options->comment_section && '' !== $options->comment_section ) { 				$message_comments = $mlwQuizMasterNext->pluginHelper->qsm_language_support( htmlspecialchars_decode( $options->message_comment, ENT_QUOTES ), "quiz_message_comment-{$options->quiz_id}" ); 				?> 					<div class="quiz_section qsm-quiz-comment-section" style="display:none">@@ -1287,10 +1289,10 @@ 				<?php } ?> 				</section> 				<?php-				$pages_count++;+				++$pages_count; 			} 		}-		if ( count( $pages ) > 1 && 0 == $options->comment_section && "" !== $options->comment_section ) {+		if ( count( $pages ) > 1 && 0 == $options->comment_section && '' !== $options->comment_section ) { 			$message_comments = $mlwQuizMasterNext->pluginHelper->qsm_language_support( htmlspecialchars_decode( $options->message_comment, ENT_QUOTES ), "quiz_message_comment-{$options->quiz_id}" ); 			?> 			<section class="qsm-page">@@ -1302,8 +1304,8 @@ 			<?php 		} 		$is_contact_fields_enabled = array_filter(-			is_array( $contact_fields ) ? $contact_fields : [],-			function( $sub ) {+			is_array( $contact_fields ) ? $contact_fields : array(),+			function ( $sub ) { 				return isset( $sub['enable'] ) && 'true' === $sub['enable']; 			} 		);@@ -1338,7 +1340,7 @@ 		 * @since 7.3.5 		 */ 		$start_button_text = ! empty( $options->start_quiz_survey_text ) ? $options->start_quiz_survey_text : $options->next_button_text;-		$tmpl_pagination = '<div class="qsm-pagination qmn_pagination border margin-bottom">+		$tmpl_pagination   = '<div class="qsm-pagination qmn_pagination border margin-bottom"> 			<a class="qsm-btn qsm-previous qmn_btn mlw_qmn_quiz_link mlw_previous" href="javascript:void(0)">' . esc_html( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $options->previous_button_text, "quiz_previous_button_text-{$options->quiz_id}" ) ) . 
'</a> 			<span class="qmn_page_message"></span> 			<div class="qmn_page_counter_message"></div>@@ -1351,7 +1353,6 @@ 		?> 		<input type="hidden" name="qmn_question_list" value="<?php echo esc_attr( $question_list ); ?>" /> 		<?php- 	}  	/**@@ -1383,7 +1384,7 @@ 				?> 				<div class='mlw_qmn_message_before'> 					<?php-					$allowed_html = wp_kses_allowed_html('post');+					$allowed_html          = wp_kses_allowed_html( 'post' ); 					$allowed_html['input'] = array( 						'type'  => array(), 						'name'  => array(),@@ -1439,9 +1440,9 @@ 			if ( 0 != $pagination_option ) { 				if ( 1 == $pagination_option || 1 == $pages_count % $pagination_option || 1 == $pages_count ) { 					?>-					<div class="qsm-auto-page-row qsm-question-page qsm-apc-<?php echo esc_attr( $current_page_number ); ?>" data-apid="<?php echo esc_attr($current_page_number); ?>" data-qpid="<?php echo esc_attr( $current_page_number ); ?>" style="display: none;">+					<div class="qsm-auto-page-row qsm-question-page qsm-apc-<?php echo esc_attr( $current_page_number ); ?>" data-apid="<?php echo esc_attr( $current_page_number ); ?>" data-qpid="<?php echo esc_attr( $current_page_number ); ?>" style="display: none;"> 					<?php-					$current_page_number++;+					++$current_page_number; 					echo apply_filters( 'qsm_auto_page_begin_pagination', '', ( $current_page_number - 1 ), $qmn_quiz_options, $qmn_quiz_questions ); 				} 				echo apply_filters( 'qsm_auto_page_begin_row', '', ( $current_page_number - 1 ), $qmn_quiz_options, $qmn_quiz_questions );@@ -1456,20 +1457,20 @@ 			}  			$question_id_list .= $mlw_question->question_id . 
'Q';-			do_action( 'qsm_question_before', $mlw_question, $qmn_quiz_options,$mlw_qmn_section_count );+			do_action( 'qsm_question_before', $mlw_question, $qmn_quiz_options, $mlw_qmn_section_count ); 			?> 			<div class="quiz_section qsm-question-wrapper question-type-<?php echo esc_attr( $mlw_question->question_type_new ); ?> <?php echo esc_attr( $animation_effect ); ?> question-section-id-<?php echo esc_attr( $mlw_question->question_id ); ?> slide<?php echo esc_attr( $mlw_qmn_section_count . ' ' . $category_class ); ?>"> 				<?php 				$mlwQuizMasterNext->pluginHelper->display_question( $mlw_question->question_type_new, $mlw_question->question_id, $qmn_quiz_options ); 				if ( 0 == $mlw_question->comments ) { 					?>-					<label class="qsm_accessibility_label" for="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>"><?php echo esc_attr( "Comment" ); ?></label>+					<label class="qsm_accessibility_label" for="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>"><?php echo esc_attr( 'Comment' ); ?></label> 					<input type="text" class="mlw_qmn_question_comment" id="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>" name="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>" placeholder="<?php echo esc_attr( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->comment_field_text, "quiz_comment_field_text-{$qmn_quiz_options->quiz_id}" ) ); ?>" onclick="qmnClearField(this)" /><br /> 					<?php 				} 				if ( 2 == $mlw_question->comments ) { 					?>-					<label class="qsm_accessibility_label" for="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>"><?php echo esc_attr( "Comment" ); ?></label>+					<label class="qsm_accessibility_label" for="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>"><?php echo esc_attr( 'Comment' ); ?></label> 					<textarea cols="70" rows="5" class="mlw_qmn_question_comment" id="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>" 
name="mlwComment<?php echo esc_attr( $mlw_question->question_id ); ?>" placeholder="<?php echo esc_attr( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->comment_field_text, "quiz_comment_field_text-{$qmn_quiz_options->quiz_id}" ) ); ?>" onclick="qmnClearField(this)"></textarea><br /> 					<?php 				}@@ -1477,13 +1478,13 @@ 				if ( ! empty( $mlw_question->hints ) ) { 					$hint_data = wp_kses_post( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $mlw_question->hints, "hint-{$mlw_question->question_id}" ) ); 					?>-					<div class="qsm-hint qsm_hint mlw_qmn_hint_link qsm_tooltip" title="<?php echo esc_attr( $hint_data );?>"><?php echo esc_html( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->hint_text, "quiz_hint_text-{$qmn_quiz_options->quiz_id}" ) ); ?></div><br /><br />+					<div class="qsm-hint qsm_hint mlw_qmn_hint_link qsm_tooltip" title="<?php echo esc_attr( $hint_data ); ?>"><?php echo esc_html( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->hint_text, "quiz_hint_text-{$qmn_quiz_options->quiz_id}" ) ); ?></div><br /><br /> 					<?php 				} 				?> 			</div><!-- .quiz_section --> 			<?php-			do_action( 'qsm_question_after', $mlw_question, $qmn_quiz_options,$mlw_qmn_section_count );+			do_action( 'qsm_question_after', $mlw_question, $qmn_quiz_options, $mlw_qmn_section_count ); 			if ( 0 != $pagination_option ) { 				if ( 1 == $pagination_option || 0 == $pages_count % $pagination_option || count( $qmn_quiz_questions ) == $pages_count ) { // end of the row or last 					?>@@ -1492,7 +1493,7 @@ 				} 			} 			$mlw_qmn_section_count = $mlw_qmn_section_count + 1;-			$pages_count++;+			++$pages_count; 		} 		if ( $enable_pagination_quiz ) { 			?>@@ -1522,7 +1523,7 @@ 	 */ 	public function display_comment_section( $qmn_quiz_options, $qmn_array_for_variables ) { 		global $mlwQuizMasterNext, $mlw_qmn_section_count;-		if ( 0 == $qmn_quiz_options->comment_section && "" !== 
$qmn_quiz_options->comment_section ) {+		if ( 0 == $qmn_quiz_options->comment_section && '' !== $qmn_quiz_options->comment_section ) { 			$mlw_qmn_section_count = $mlw_qmn_section_count + 1; 			?> 			<div class="quiz_section quiz_end qsm-auto-page-row qsm-quiz-comment-section slide <?php echo esc_attr( $mlw_qmn_section_count ); ?>" style="display:none">@@ -1553,7 +1554,7 @@ 		$section_display       = ''; 		$mlw_qmn_section_count = $mlw_qmn_section_count + 1; 		$pagination_option     = $qmn_quiz_options->pagination;-		$randomness_order	   = $mlwQuizMasterNext->pluginHelper->qsm_get_randomization_modes( $qmn_quiz_options->randomness_order );+		$randomness_order      = $mlwQuizMasterNext->pluginHelper->qsm_get_randomization_modes( $qmn_quiz_options->randomness_order ); 		do_action( 'mlw_qmn_end_quiz_section' ); 		$qsm_d_none = 0 < intval( $pagination_option ) ? 'qsm-d-none' : ''; 		if ( ! empty( $qmn_quiz_options->message_end_template ) || ( 1 === intval( $qmn_quiz_options->contact_info_location ) && ! empty( QSM_Contact_Manager::display_fields( $qmn_quiz_options ) ) ) ) {@@ -1586,7 +1587,7 @@ 		} else { 			?> 			<div class="qsm-auto-page-row quiz_section quiz_end empty_quiz_end <?php echo esc_attr( $qsm_d_none ); ?>" >-				<?php if ( ( ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) || in_array( 'answers', $randomness_order ) ) || ( ! empty( $qmn_quiz_options->question_from_total ) && 0 !== intval( $qmn_quiz_options->question_from_total ) ) ) && ( empty( $qmn_quiz_options->pagination ) || 0 === intval( $qmn_quiz_options->pagination ) ) ) : ?>+				<?php if ( ( ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) || in_array( 'answers', $randomness_order, true ) ) || ( ! 
empty( $qmn_quiz_options->question_from_total ) && 0 !== intval( $qmn_quiz_options->question_from_total ) ) ) && ( empty( $qmn_quiz_options->pagination ) || 0 === intval( $qmn_quiz_options->pagination ) ) ) : ?> 					<input type="submit" class="qsm-btn qsm-submit-btn qmn_btn" value="<?php echo esc_attr( $mlwQuizMasterNext->pluginHelper->qsm_language_support( $qmn_quiz_options->submit_button_text, "quiz_submit_button_text-{$qmn_quiz_options->quiz_id}" ) ); ?>" /> 				<?php endif; ?> 			</div>@@ -1606,7 +1607,7 @@ 	 * @return string The content for the results page section 	 */ 	public function display_results( $options, $data ) {-		$quiz_id = ! empty( $_REQUEST['qmn_quiz_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['qmn_quiz_id'] ) ) : 0 ;+		$quiz_id = ! empty( $_REQUEST['qmn_quiz_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['qmn_quiz_id'] ) ) : 0; 		if ( ! isset( $_REQUEST['qsm_nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['qsm_nonce'] ) ), 'qsm_submit_quiz_' . intval( $quiz_id ) ) ) { 			echo wp_json_encode( 				array(@@ -1635,7 +1636,7 @@ 	 * @return bool               Whether the contact fields are valid 	 */ 	public function qsm_validate_contact_fields( $contact_form, $request ) {-		$errors = [];+		$errors = array();  		if ( ! is_array( $contact_form ) ) { 			return;@@ -1643,47 +1644,47 @@  		foreach ( $contact_form as $index => $field ) { 			if ( 'true' === $field['enable'] ) {-				$contact_key = "contact_field_" . $index;-				$value = isset( $request[ $contact_key ] ) ? trim( $request[ $contact_key ] ) : '';+				$contact_key = 'contact_field_' . $index;+				$value       = isset( $request[ $contact_key ] ) ? trim( $request[ $contact_key ] ) : '';  				if ( 'true' === $field['required'] && empty( $value ) ) {-					$errors[] = __( "Enter ", 'quiz-master-next' ) . $field['label'];+					$errors[] = __( 'Enter ', 'quiz-master-next' ) . $field['label']; 				}  				if ( ! 
empty( $field['minlength'] ) && strlen( $value ) < (int) $field['minlength'] ) {-					$errors[] = $field['label'] . __( " must be at least ", 'quiz-master-next' ) . $field['minlength'] . __( " characters long.", 'quiz-master-next' );+					$errors[] = $field['label'] . __( ' must be at least ', 'quiz-master-next' ) . $field['minlength'] . __( ' characters long.', 'quiz-master-next' ); 				}  				if ( ! empty( $field['maxlength'] ) && strlen( $value ) > (int) $field['maxlength'] ) {-					$errors[] = $field['label'] . __( " must be no more than ", 'quiz-master-next' ) . $field['maxlength'] . __( " characters long.", 'quiz-master-next' );+					$errors[] = $field['label'] . __( ' must be no more than ', 'quiz-master-next' ) . $field['maxlength'] . __( ' characters long.', 'quiz-master-next' ); 				}  				if ( 'email' === $field['type'] && ! empty( $value ) ) { 					if ( ! filter_var( $value, FILTER_VALIDATE_EMAIL ) ) {-						$errors[] = __( "Email must be a valid e-mail.", 'quiz-master-next' );+						$errors[] = __( 'Email must be a valid e-mail.', 'quiz-master-next' ); 					} else {-						$email_domain = substr( strrchr( $value, "@" ), 1 );+						$email_domain = substr( strrchr( $value, '@' ), 1 );  						if ( ! empty( $field['allowdomains'] ) ) { 							$allowed_domains = array_map( 'trim', explode( ',', $field['allowdomains'] ) ); 							if ( ! in_array( $email_domain, $allowed_domains, true ) ) {-								$errors[] = __( "Email must be from an allowed domain (", 'quiz-master-next' ) . $field['allowdomains'] . ").";+								$errors[] = __( 'Email must be from an allowed domain (', 'quiz-master-next' ) . $field['allowdomains'] . ').'; 							} 						}  						if ( ! empty( $field['blockdomains'] ) ) { 							$blocked_domains = array_map( 'trim', explode( ',', $field['blockdomains'] ) ); 							if ( in_array( $email_domain, $blocked_domains, true ) ) {-								$errors[] = __( "Email cannot be from a blocked domain (", 'quiz-master-next' ) . $field['blockdomains'] . 
").";+								$errors[] = __( 'Email cannot be from a blocked domain (', 'quiz-master-next' ) . $field['blockdomains'] . ').'; 							} 						} 					} 				} 			} 		}-		+ 		$errors = apply_filters( 'qsm_validate_contact_field', $errors, $contact_form, $request );-		return empty( $errors ) ? 1 : "<strong>" . __( 'There was an error with your submission:', 'quiz-master-next' ) . "</strong><ul style='left: -20px; position: relative;'><li>" . implode( "</li><li>", $errors ) . "</li></ul>";+		return empty( $errors ) ? 1 : '<strong>' . __( 'There was an error with your submission:', 'quiz-master-next' ) . "</strong><ul style='left: -20px; position: relative;'><li>" . implode( '</li><li>', $errors ) . '</li></ul>'; 	}  	/**@@ -1694,7 +1695,7 @@ 	 * @return string The content for the results page section 	 */ 	public function ajax_submit_results() {-		$quiz_id = ! empty( $_REQUEST['qmn_quiz_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['qmn_quiz_id'] ) ) : 0 ;+		$quiz_id = ! empty( $_REQUEST['qmn_quiz_id'] ) ? sanitize_text_field( wp_unslash( $_REQUEST['qmn_quiz_id'] ) ) : 0; 		if ( ! isset( $_REQUEST['nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash( $_REQUEST['nonce'] ) ), 'qsm_submit_quiz_' . 
intval( $quiz_id ) ) ) { 			echo wp_json_encode( 				array(@@ -1712,17 +1713,21 @@  		$qmn_allowed_visit = true; 		$mlwQuizMasterNext->pluginHelper->prepare_quiz( $quiz_id );-		$options    = $mlwQuizMasterNext->quiz_settings->get_quiz_options();-		$post_ids = get_posts(array(-			'post_type'   => 'qsm_quiz', // Replace with the post type you're working with-			'meta_key'    => 'quiz_id',-			'meta_value'  => intval( $quiz_id ),-			'fields'      => 'ids',-			'numberposts' => 1,-		));+		$options     = $mlwQuizMasterNext->quiz_settings->get_quiz_options();+		$post_ids    = get_posts(+			array(+				'post_type'   => 'qsm_quiz', // Replace with the post type you're working with+				'meta_key'    => 'quiz_id',+				'meta_value'  => intval( $quiz_id ),+				'fields'      => 'ids',+				'numberposts' => 1,+			)+		); 		$post_status = false;+		$post_obj    = null; 		if ( ! empty( $post_ids[0] ) ) { 			$post_status = get_post_status( $post_ids[0] );+			$post_obj    = get_post( $post_ids[0] ); 		}  		if ( is_null( $options ) || 1 == $options->deleted ) {@@ -1737,6 +1742,19 @@ 			); 			wp_die(); 		}+		// Prevent submissions to password-protected quizzes from visitors who are not quiz editors.+		if ( $post_obj instanceof WP_Post && post_password_required( $post_obj ) && ! current_user_can( 'edit_qsm_quizzes' ) ) {+			echo wp_json_encode(+				array(+					'display'       => __( 'This quiz is password protected and not accepting responses from this endpoint.', 'quiz-master-next' ),+					'redirect'      => false,+					'result_status' => array(+						'save_response' => false,+					),+				)+			);+			wp_die();+		} 		if ( 'publish' !== $post_status ) { 			echo wp_json_encode( 				array(@@ -1750,11 +1768,11 @@ 			wp_die(); 		} -		$qsm_option = isset( $options->quiz_settings ) ? 
maybe_unserialize( $options->quiz_settings ) : array();-		$qsm_option = array_map( 'maybe_unserialize', $qsm_option );-		$dateStr    = $qsm_option['quiz_options']['scheduled_time_end'];-		$timezone   = isset( $_POST['currentuserTimeZone'] ) ? sanitize_text_field( wp_unslash( $_POST['currentuserTimeZone'] ) ) : '';-		$dtUtcDate  = strtotime( $dateStr . ' ' . $timezone );+		$qsm_option                    = isset( $options->quiz_settings ) ? maybe_unserialize( $options->quiz_settings ) : array();+		$qsm_option                    = array_map( 'maybe_unserialize', $qsm_option );+		$dateStr                       = $qsm_option['quiz_options']['scheduled_time_end'];+		$timezone                      = isset( $_POST['currentuserTimeZone'] ) ? sanitize_text_field( wp_unslash( $_POST['currentuserTimeZone'] ) ) : '';+		$dtUtcDate                     = strtotime( $dateStr . ' ' . $timezone ); 		$enable_server_side_validation = isset( $qsm_option['quiz_options']['enable_server_side_validation'] ) ? $qsm_option['quiz_options']['enable_server_side_validation'] : 0; 		if ( 1 == $enable_server_side_validation ) { 			$missing_contact_fields = $this->qsm_validate_contact_fields( $qsm_option['contact_form'], $_REQUEST );@@ -1772,7 +1790,7 @@ 			} 		} -		if ( isset($qsm_option['quiz_options']['not_allow_after_expired_time']) && '1' === $qsm_option['quiz_options']['not_allow_after_expired_time'] && isset( $_POST['currentuserTime'] ) && sanitize_text_field( wp_unslash( $_POST['currentuserTime'] ) ) > $dtUtcDate && ! empty($dateStr) ) {+		if ( isset( $qsm_option['quiz_options']['not_allow_after_expired_time'] ) && '1' === $qsm_option['quiz_options']['not_allow_after_expired_time'] && isset( $_POST['currentuserTime'] ) && sanitize_text_field( wp_unslash( $_POST['currentuserTime'] ) ) > $dtUtcDate && ! empty( $dateStr ) ) { 			echo wp_json_encode( 				array( 					'display'       => __( 'Quiz Expired!', 'quiz-master-next' ),@@ -1850,7 +1868,7 @@ 				} 			} 		}
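Review bot: Whitespace-only change on the `$query = $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}mlw_questions WHERE question_id IN (%1s) %2s %3s %4s", ... )` line, but note that `prepare()` adds no protection here: the four arguments are pre-built SQL fragments passed through `esc_sql()` and spliced in via unquoted `%1s`..`%4s` placeholders, so the safety of this query rests entirely on how `$question_sql`, `$cat_query`, `$order_by_sql` and `$limit_sql` are constructed upstream (outside this hunk). Either add a comment at the call site stating that those fragments must be built only from validated integers and whitelisted keywords, or rework the query to use real placeholders for the values.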
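Review bot: Adding the strict flag to both `in_array()` calls in the `@@ -811,7 +811,7 @@` hunk is correct, but the same condition keeps `0 == $quiz_options->question_per_category && 0 == $quiz_options->limit_category_checkbox` as loose comparisons, so `null`, `''` and `'0'` are all treated as zero; if that is intended, a one-line comment would help, otherwise use `0 === (int) $quiz_options->question_per_category` for consistency with the strictness just introduced.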
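Review bot: In the `@@ -834,24 +834,23 @@` hunk the `document.cookie = "question_ids_<?php echo esc_js( $quiz_id ); ?>=" + "<?php echo esc_js( $question_sql ); ?>" ...` write is unchanged apart from spacing: it still sets no `SameSite` or `Secure` attribute and persists the question order for a year. Since the same condition reads `$_COOKIE[ 'question_ids_' . $quiz_id ]` back on the server, that value is untrusted input by design and must be validated (numeric IDs only, belonging to this quiz) wherever it is consumed; a comment saying so next to the read would save the next reviewer the trip.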
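Review bot: The re-indentation in the `@@ -994,41 +993,44 @@` hunk leaves an empty `?>` / `<?php` pair (`+			?>+			<?php+		}`) that emits nothing and can be collapsed into the surrounding PHP block; otherwise this hunk is whitespace and quote-style only. One thing worth confirming while here: the hidden `qsm_nonce` field is created with `wp_create_nonce( 'qsm_submit_quiz_' . intval( $quiz_data['quiz_id'] ) )`, which matches the `'qsm_submit_quiz_' . intval( $quiz_id )` action string verified in `display_results()` and `ajax_submit_results()` below, so the nonce binding to the quiz id is consistent.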
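Review bot: Operator precedence problem in the `@@ -1091,17 +1093,17 @@` hunk: in `if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) && is_array( $pages ) && empty( $options->question_per_category ) )` the `&&` binds tighter than `||`, so `is_array( $pages )` and the `question_per_category` guard only apply to the `'pages'` branch, and the `'questions'` branch reaches `foreach ( $pages as &$question_ids )` even when `$pages` is not an array. Suggest `( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) && is_array( $pages ) && empty( $options->question_per_category )`.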
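Review bot: The `@@ -1109,7 +1111,7 @@` hunk only adds the missing `;` after `esc_attr( $question_list_str )`, but the line still escapes with `esc_attr()` inside a JavaScript string literal and writes the cookie as `question_ids_<id> = <list>;` with spaces around `=`, whereas the equivalent write in the `@@ -834` hunk uses `esc_js()` and no spaces. Use `esc_js()` for the JS context and make the two writers produce the same name/value shape so that the server-side `$_COOKIE[ 'question_ids_' . $quiz_id ]` lookup behaves identically for both paths.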
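Review bot: The quote-style changes in the `@@ -1643,47 +1644,47 @@` hunk are fine, but three things in the surrounding `qsm_validate_contact_fields()` code deserve a follow-up: `$field['label']`, `$field['allowdomains']` and `$field['blockdomains']` are concatenated into the returned `<strong>...<ul style='...'><li>...</li></ul>` HTML without `esc_html()`, so the caller must treat the return value as pre-rendered HTML built from admin-configured settings (wrapping each with `esc_html()` at the point of concatenation would make that explicit); `strlen( $value )` counts bytes, so multibyte input hits `minlength`/`maxlength` early, and `mb_strlen()` is the better fit; and the early `return;` when `$contact_form` is not an array yields `null` rather than the documented `1` or error string.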
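Review bot: In the `@@ -1712,17 +1713,21 @@` hunk the `// Replace with the post type you're working with` comment next to `'post_type' => 'qsm_quiz'` is a leftover template comment and should be dropped. The new `$post_obj = get_post( $post_ids[0] )` is only populated when `get_posts()` returns an id; since `$post_status` is initialised to `false` on the same path, a quiz with no matching post is rejected by the existing `'publish' !== $post_status` branch, which is the behaviour you want, but a short comment tying the two together would make that intent visible.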
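Review bot: The new gate in the `@@ -1737,6 +1742,19 @@` hunk, `$post_obj instanceof WP_Post && post_password_required( $post_obj ) && ! current_user_can( 'edit_qsm_quizzes' )`, is the right shape for the CVE fix and sits after nonce verification and before the publish-status check, so unauthenticated submissions to password-protected quizzes now get the `save_response => false` response. Two notes for the changelog: `post_password_required()` returns false for a visitor whose `wp-postpass_` cookie already matches the quiz password, so legitimate password holders can still submit, and the capability name `edit_qsm_quizzes` is hard-coded here while the rest of the file goes through `$mlwQuizMasterNext`, so consider centralising it if the plugin exposes a capability constant.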
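Review bot: The `@@ -1750,11 +1768,11 @@` and `@@ -1772,7 +1790,7 @@` hunks are alignment-only, but the expiry logic they touch compares `sanitize_text_field( wp_unslash( $_POST['currentuserTime'] ) ) > $dtUtcDate`, i.e. a client-supplied timestamp against the scheduled end, and `$dtUtcDate` itself is derived from the client-supplied `currentuserTimeZone`. For `not_allow_after_expired_time` to be a server-side control, compare against `time()` and treat `currentuserTime`/`currentuserTimeZone` as display hints only. Also `$dateStr = $qsm_option['quiz_options']['scheduled_time_end']` is read without `isset()`, so a quiz with no schedule raises a notice on every submission; guard it the same way `enable_server_side_validation` is guarded on the next line.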
AI Analysis
I'll analyze this code diff for security vulnerabilities following the specified format.

Vulnerability Existed: yes
FALSE POSITIVE
Insecure Direct Object Reference (IDOR) / Missing Authorization Check - CWE-639 - php/classes/class-qmn-quiz-manager.php Lines 77-78
Old Code:
```php
add_action( 'wp_ajax_qsm_get_quiz_to_reload', array( $this, 'qsm_get_quiz_to_reload' ) );
add_action( 'wp_ajax_nopriv_qsm_get_quiz_to_reload', array( $this, 'qsm_get_quiz_to_reload' ) );
```
Fixed Code:
```php
// (Lines removed entirely)
```
Explanation:
The removal of the `wp_ajax_qsm_get_quiz_to_reload` and `wp_ajax_nopriv_qsm_get_quiz_to_reload` actions unregisters the `qsm_get_quiz_to_reload` AJAX endpoint for both logged-in and anonymous callers. The `nopriv` suffix means the second action was reachable by unauthenticated users, so removing it closes a potential information disclosure or unauthorized access path where non-logged-in visitors could reload quiz data without any authorization check.

---

Vulnerability Existed: yes
TRUE POSITIVE
Improper Input Validation (Type Confusion) - CWE-843 - php/classes/class-qmn-quiz-manager.php Line 651
Old Code:
```php
if ( in_array( 'questions', $randomness_order ) || in_array( 'pages', $randomness_order ) ) {
```
Fixed Code:
```php
if ( in_array( 'questions', $randomness_order, true ) || in_array( 'pages', $randomness_order, true ) ) {
```
Explanation:
The third parameter `true` enables strict type checking in `in_array()`. Without it, PHP performs loose comparisons, which can lead to unexpected type coercion (e.g., the string "0" equals integer 0). By adding strict type checking, the code prevents type confusion vulnerabilities where malformed data could bypass security checks.

---

Vulnerability Existed: yes
TRUE POSITIVE
Weak Password Hashing / Authentication Bypass Risk - CWE-521 - php/classes/class-qmn-quiz-manager.php Lines 1742-1756
Old Code:
```php
// (No password protection check for quiz submissions)
```
Fixed Code:
```php
// Prevent submissions to password-protected quizzes from visitors who are not quiz editors.
if ( $post_obj instanceof WP_Post && post_password_required( $post_obj ) && ! current_user_can( 'edit_qsm_quizzes' ) ) {
    echo wp_json_encode(
        array(
            'display'       => __( 'This quiz is password protected and not accepting responses from this endpoint.', 'quiz-master-next' ),
            'redirect'      => false,
            'result_status' => array(
                'save_response' => false,
            ),
        )
    );
    wp_die();
}
```
Explanation:
This new security check prevents unauthorized submissions to password-protected quizzes. Without this validation, unauthenticated users could submit responses to password-protected quiz content, bypassing WordPress's built-in password protection mechanism. The fix validates that non-editors cannot submit to password-protected quizzes, ensuring proper access control.
CVE Analysis Results:
CVE-2025-9637: Yes
The Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability and status checks on multiple functions in all versions up to, and including, 10.3.1. This makes it possible for unauthenticated attackers to view the details of unpublished, private, or password-protected quizzes, as well as submit file responses to questions from those quizzes, which allow file upload.