CVE-2021-24456

Quiz Maker < 6.2.0.9 - Multiple Authenticated Blind SQL Injections

EPSS 1.3%CWE-89

The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard

Affected products

Ays Pro · Quiz Maker

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://wpscan.com/vulnerability/929ad37d-9cdb-4117-8cd3-cf7130a7c9d4