Ays-pro Quiz Maker
6 CVEs affecting Ays-pro Quiz Maker. Latest disclosed: 2026-02-20. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6028 | Critical | 9.8 | 2024-06-25 | The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up to, and including, 6.5.8.3 d… |
CVE-2026-2384 | Medium | 6.4 | 2026-02-20 | The Quiz Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `vc_quizmaker` shortcode in all versions up to, and including… |
CVE-2025-10042 | Medium | 5.9 | 2025-09-17 | The Quiz Maker plugin for WordPress is vulnerable to SQL Injection via spoofed IP headers in all versions up to, and including, 6.7.0.56 due to insufficient es… |
CVE-2025-12426 | Medium | 5.3 | 2025-11-19 | The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80. This is due to the plugin e… |
CVE-2024-1079 | Medium | 5.3 | 2024-02-07 | The Quiz Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_show_results() function in all ve… |
CVE-2024-1078 | Medium | 4.3 | 2024-02-07 | The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ays_quick_start() and add_quest… |