logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-24442

Description

The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks


Affected Software


CPE Name Name Version
wpdevart:poll\,_survey\,_questionnaire_and_voting_system wpdevart poll\, survey\, questionnaire and voting system 1.5.3

Related