Ays-pro Quiz_maker

17 CVEs affecting Ays-pro Quiz_maker. Latest disclosed: 2025-12-09. Critical: 1, High: 3.

Top CVEs affecting Ays-pro Quiz_maker
CVESeverityScorePublishedSummary
CVE-2024-6028Critical9.82024-06-25The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up to, and including, 6.5.8.3 d…
CVE-2025-30774High8.22025-04-01Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker quiz-maker allows SQL Injection.This i…
CVE-2024-10628High7.52025-01-26The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including…
CVE-2021-24456High7.22021-08-02The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leadi…
CVE-2024-22027Medium6.52024-01-12Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to perform a Denial of Service (…
CVE-2023-6166Medium6.12023-12-26The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
CVE-2023-2571Medium6.12023-06-05The Quiz Maker WordPress plugin before 6.4.2.7 does not escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scrip…
CVE-2025-10042Medium5.92025-09-17The Quiz Maker plugin for WordPress is vulnerable to SQL Injection via spoofed IP headers in all versions up to, and including, 6.7.0.56 due to insufficient es…
CVE-2025-12426Medium5.32025-11-19The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80. This is due to the plugin e…
CVE-2025-58015Medium5.32025-09-22Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows Retrieve Embedded Sensitive Da…
CVE-2024-1079Medium5.32024-02-07The Quiz Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_show_results() function in all ve…
CVE-2023-6155Medium5.32023-12-26The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the `ays_quiz_author_user_search` AJAX action, allowing an unauthenticated attacke…
CVE-2024-8617Medium4.82025-05-15The Quiz Maker WordPress plugin before 6.5.9.9 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perfo…
CVE-2025-67595Medium4.32025-12-09Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a thro…
CVE-2025-58014Medium4.32025-09-22Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a thro…
CVE-2024-1078Medium4.32024-02-07The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ays_quick_start() and add_quest…
CVE-2023-23985Low3.72024-04-24Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.