Ays Pro Quiz Maker vulnerabilities
6 known vulnerabilities affecting ays_pro/quiz_maker.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM2UNKNOWN1
Vulnerabilities
Page 1 of 1
CVE-2026-32342MEDIUMCVSS 4.3≤ 6.7.1.22026-03-13
CVE-2026-32342 [MEDIUM] CWE-352 CVE-2026-32342: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site R
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.1.2.
cvelistv5nvd
CVE-2025-67595MEDIUMCVSS 4.3≤ 6.7.0.822025-12-09
CVE-2025-67595 [MEDIUM] CWE-352 CVE-2025-67595: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site R
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.82.
cvelistv5nvd
CVE-2025-58015HIGHCVSS 7.5≤ 6.7.0.652025-09-22
CVE-2025-58015 [HIGH] CWE-497 CVE-2025-58015: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows Retrieve Embedded Sensitive Data.This issue affects Quiz Maker: from n/a through <= 6.7.0.65.
cvelistv5nvd
CVE-2025-58014UNKNOWN≤ 6.7.0.642025-09-22
CVE-2025-58014 CWE-352 CVE-2025-58014: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site R
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.64.
cvelistv5nvd
CVE-2025-30774CRITICALCVSS 9.8≤ 6.6.8.72025-04-01
CVE-2025-30774 [CRITICAL] CWE-89 CVE-2025-30774: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker quiz-maker allows SQL Injection.This issue affects Quiz Maker: from n/a through <= 6.6.8.7.
cvelistv5nvd
CVE-2021-24456HIGHCVSS 7.2≥ 6.2.0.9, < 6.2.0.92021-08-02
CVE-2021-24456 [HIGH] CWE-89 CVE-2021-24456: The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and or
The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
cvelistv5nvd