CVE-2025-6739
CVE-2025-6739: WPQuiz for WordPress is vulnerable to SQL Injection via the id attribute of the wpquiz shortcode in all versions up to 0.4.2. The root cause is insufficient escaping of the user-supplied parameter and lack of proper preparation in the SQL query. This allows authenticated attackers ...