CVE-2025-30774

CWE-89SQL Injection3 documents3 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 52.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Ays-pro Quiz MakerAYS PRO Quiz Maker
Timeline
PublishedApr 1

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker quiz-maker allows SQL Injection.This issue affects Quiz Maker: from n/a through <= 6.6.8.7.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDays-pro/quiz_maker< 6.6.8.8
CVEListV5ays_pro/quiz_maker6.6.8.7

🔴Vulnerability Details

2
CVEList
WordPress Quiz Maker plugin <= 6.6.8.7 - SQL Injection vulnerability2025-04-01
GHSA
GHSA-c8pq-jfx6-w9cv: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker allows SQL Injection2025-04-01
CVE-2025-30774 (CRITICAL CVSS 9.8) | Improper Neutralization of Special | cvebase.io