CVE-2025-10042

MEDIUM

Quiz Maker < 6.7.0.56 - Unauthenticated SQL Injection via Spoofed IP Headers


Exploitation Summary

EIP tracks 3 public exploits for CVE-2025-10042. PoCs published by Rahul Sreenivasan, XiaomingX, fumioryoto.

AI-analyzed exploit summary: This exploit demonstrates a time-based SQL injection vulnerability in WordPress Quiz Maker plugin versions <= 6.7.0.56. It checks for vulnerability and extracts data such as admin credentials or custom SQL queries.

Description

The Quiz Maker plugin for WordPress is vulnerable to SQL Injection via spoofed IP headers in all versions up to, and including, 6.7.0.56, due to insufficient escaping of the user-supplied parameter and a lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries to already existing queries, which can be used to extract sensitive information from the database. This is only exploitable in configurations where the server is set up to retrieve the client IP from a user-supplied header such as `X-Forwarded-For` and the plugin's "limit users by IP" option is enabled.

Exploits (3)

exploitdb · WORKING POC
by Rahul Sreenivasan · python · webapps · multiple
https://www.exploit-db.com/exploits/52465

This exploit demonstrates a time-based SQL injection vulnerability in WordPress Quiz Maker plugin versions <= 6.7.0.56. It checks for vulnerability and extracts data such as admin credentials or custom SQL queries.

Classification: Working PoC (95%)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: WordPress Quiz Maker <= 6.7.0.56
No auth needed
Prerequisites: Target WordPress URL · Path to quiz page · Vulnerable plugin version
devstral-2 · analyzed Feb 16, 2026

github · WORKING POC · 10 stars
by XiaomingX · python · poc
https://github.com/XiaomingX/data-cve-poc-py-v1/tree/main/2025/CVE-2025-10042

The repository contains a functional Python-based SQL injection exploit for CVE-2025-10042, targeting WordPress Quiz Maker plugin versions <= 6.7.0.56. The exploit uses time-based blind SQLi techniques to extract admin credentials and password hashes.

Classification: Working PoC (95%)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: WordPress Quiz Maker <= 6.7.0.56
No auth needed
Prerequisites: Target WordPress URL · Path to quiz page · Vulnerable Quiz Maker plugin version
devstral-2 · analyzed Feb 27, 2026

nomisec · WORKING POC · 2 stars
by fumioryoto · poc
https://github.com/fumioryoto/Quiz-Maker-SQL-Injection-CVE-2025-10042

This repository contains a functional Python-based exploit for CVE-2025-10042, a time-based blind SQL injection vulnerability in the WordPress Quiz Maker plugin (≤ 6.7.0.56). The exploit leverages the X-Forwarded-For header to extract admin credentials or execute custom SQL queries.

Classification: Working PoC (95%)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: WordPress Quiz Maker plugin ≤ 6.7.0.56
No auth needed
Prerequisites: Python 3.x · requests library · target URL with vulnerable Quiz Maker plugin
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 5.9
EPSS: 0.0089
EPSS Percentile: 54.5%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: yes
Technical Impact: total

Details

CWE: CWE-89
Status: published
Products (2)
ays-pro/Quiz Maker < 6.7.0.56
ays-pro/quiz_maker < 6.7.0.57
Published: Sep 17, 2025
Tracked Since: Feb 18, 2026