CVE-2025-55708

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through <= 10.2.4.
Configurations

No configuration.

History

23 Apr 2026, 15:32

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.5

01 Apr 2026, 17:26

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 8.5
v2 : unknown
v3 : unknown
References
  • {'url': 'https://patchstack.com/database/wordpress/plugin/quiz-master-next/vulnerability/wordpress-quiz-and-survey-master-plugin-plugin-10-2-4-sql-injection-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}
  • () https://patchstack.com/database/Wordpress/Plugin/quiz-master-next/vulnerability/wordpress-quiz-and-survey-master-plugin-plugin-10-2-4-sql-injection-vulnerability?_s_id=cve -
Summary
  • (es) La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en ExpressTech Systems Quiz And Survey Master permite la inyección SQL. Este problema afecta a Quiz And Survey Master desde n/d hasta la versión 10.2.4.
Summary (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master allows SQL Injection. This issue affects Quiz And Survey Master: from n/a through 10.2.4. (en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through <= 10.2.4.

14 Aug 2025, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-08-14 19:15

Updated : 2026-06-17 09:42


NVD link : CVE-2025-55708

Mitre link : CVE-2025-55708

CVE.ORG link : CVE-2025-55708


JSON object : View

Products Affected

No product.

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')