SQL Injection Vulnerability in Ays Pro Quiz Maker by WordPress
CVE-2025-30774

8.2HIGH

Key Information:

Vendor: WordPress
Status: Quiz Maker
Vendor: CVE Published:; 1 April 2025

What is CVE-2025-30774?

An SQL Injection vulnerability exists in the Ays Pro Quiz Maker, enabling attackers to manipulate SQL queries. This flaw could allow for unauthorized access, data modification, or exposure of sensitive information by exploiting insufficient input validation. It impacts Quiz Maker versions from n/a through 6.6.8.7, emphasizing the need for immediate patching and security measures to protect user data.

Affected Version(s)

Quiz Maker <= 6.6.8.7

References

https://patchstack.com/database/wordpress/plugin/quiz-mak...

vdb-entry

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 1, 2025
Vulnerability Reserved
Mar 26, 2025

Credit

astra.r3verii (Patchstack Alliance)

JSON