WpQuiz contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is due to "extras" folder being accessed without any authentication. By registering an account and running the "adminrestore.php" script in the "extras" folder, a remote attacker can gain administrative privileges. This flaw may lead to a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.