Earlier today, a vulnerability was reported in Quiz And Survey Master. The CSRF vulnerability would potentially allow a malicious user to attack your site. The vulnerability was on the “Questions” tab when editing your quiz and would have allowed a hacker to potentially input malicious code into the question editor that would affect your WordPress installation. There have been no reported cases of an attack caused by this vulnerability.
I am pushing out an immediate fix in version 4.7.9 and I advise everyone to update their plugin immediately.
Feel free to leave a comment here or reach out if you have any questions!