Home/Product/ays pro quiz maker
Product

ays pro quiz maker

17 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-67595
< 6.7.0.83
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affe
4.3MEDIUM
 CVE-2025-12426
< 6.7.0.81
The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80
5.3MEDIUM
 CVE-2025-58015
<= 6.7.0.61
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows R
5.3MEDIUM
 CVE-2025-58014
<= 6.7.0.61
Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affe
4.3MEDIUM
 CVE-2025-10042
< 6.7.0.57
The Quiz Maker plugin for WordPress is vulnerable to SQL Injection via spoofed IP headers in all versions up to, and including, 6.
5.9MEDIUM
 CVE-2024-8617
< 6.5.9.9
The Quiz Maker WordPress plugin before 6.5.9.9 does not sanitize and escape some of its settings, which could allow high-privilege
4.8MEDIUM
 CVE-2025-30774
< 6.6.8.8
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Quiz Maker quiz-make
8.2HIGH
 CVE-2024-10628
>= 30.0.0 and < 31.8.0.100
The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in
7.5HIGH
 CVE-2024-6028
< 6.5.8.4
The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up
9.8CRITICAL
 CVE-2023-23985
< 6.3.9.5
Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.
3.7LOW
 CVE-2024-1079
< 6.5.2.5
The Quiz Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_show
5.3MEDIUM
 CVE-2024-1078
< 6.5.2.5
The Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ay
4.3MEDIUM
 CVE-2024-22027
< 6.5.0.6
Improper input validation vulnerability in WordPress Quiz Maker Plugin prior to 6.5.0.6 allows a remote authenticated attacker to
6.5MEDIUM
 CVE-2023-6166
< 6.4.9.5
The Quiz Maker WordPress plugin before 6.4.9.5 does not escape generated URLs before outputting them in attributes, leading to Ref
6.1MEDIUM
 CVE-2023-6155
< 6.4.9.5
The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the ays_quiz_author_user_search AJAX action, allowi
5.3MEDIUM
 CVE-2023-2571
< 6.4.2.7
The Quiz Maker WordPress plugin before 6.4.2.7 does not escape some parameters before outputting them back in attributes, leading
6.1MEDIUM
 CVE-2021-24456
< 6.2.0.9
The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using
7.2HIGH
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh