CVE-2025-58015

CWE-4974 documents4 sources
Severity
7.5HIGH
EPSS
0.1%
top 80.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
AYS PRO Quiz MakerAys-pro Quiz Maker
Timeline
PublishedSep 22

Description

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows Retrieve Embedded Sensitive Data.This issue affects Quiz Maker: from n/a through <= 6.7.0.65.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5ays_pro/quiz_maker6.7.0.65
NVDays-pro/quiz_maker6.7.0.61

🔴Vulnerability Details

2
GHSA
GHSA-cm4w-cghr-8324: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker allows Retrieve Embedded Sensitive Data2025-09-22
CVEList
WordPress Quiz Maker Plugin <= 6.7.0.65 - Sensitive Data Exposure Vulnerability2025-09-22

📋Vendor Advisories

1
Microsoft
wifi: ath12k: Fix for out-of bound access error2025-02-11
CVE-2025-58015 (HIGH CVSS 7.5) | Exposure of Sensitive System Inform | cvebase.io