cbcvebase.

Ays Pro Quiz Maker vulnerabilities

6 known vulnerabilities affecting ays_pro/quiz_maker.

Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM3

Vulnerabilities

Page 1 of 1
CVE-2025-30774P2CRITICALCVSS 9.8≤ 6.6.8.72025-04-01
CVE-2025-30774 [CRITICAL] CWE-89 CVE-2025-30774: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker quiz-maker allows SQL Injection.This issue affects Quiz Maker: from n/a through <= 6.6.8.7.
nvd
CVE-2025-58015P3HIGHCVSS 7.5≤ 6.7.0.652025-09-22
CVE-2025-58015 [HIGH] CWE-497 CVE-2025-58015: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows Retrieve Embedded Sensitive Data.This issue affects Quiz Maker: from n/a through <= 6.7.0.65.
nvd
CVE-2021-24456P3HIGHCVSS 7.2≥ 6.2.0.9, < 6.2.0.92021-08-02
CVE-2021-24456 [HIGH] CWE-89 CVE-2021-24456: The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and or The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
nvd
CVE-2025-58014P4MEDIUMCVSS 4.3≤ 6.7.0.642025-09-22
CVE-2025-58014 [MEDIUM] CWE-352 CVE-2025-58014: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site R Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.64.
nvd
CVE-2026-32342P4MEDIUMCVSS 4.3≤ 6.7.1.22026-03-13
CVE-2026-32342 [MEDIUM] CWE-352 CVE-2026-32342: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site R Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.1.2.
nvd
CVE-2025-67595P4MEDIUMCVSS 4.3≤ 6.7.0.822025-12-09
CVE-2025-67595 [MEDIUM] CWE-352 CVE-2025-67595: Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site R Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.82.
nvd
Ays Pro Quiz Maker vulnerabilities | cvebase