CVE-2015-9386 (mtouch_quiz)

The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation.
Source: NIST
CVE-2015-9386 (mtouch_quiz)