High severity8.5NVD Advisory· Published Feb 20, 2026· Updated Apr 15, 2026
CVE-2025-67987
CVE-2025-67987
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master quiz-master-next allows SQL Injection.This issue affects Quiz And Survey Master: from n/a through <= 10.3.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=10.3.1
Patches
Vulnerability mechanics
References
1News mentions
1- SQL Injection Vulnerability in Quiz and Survey Master (QSM) Plugin Affecting 40k+ SitesPatchstack Blog · Jan 29, 2026