2 matches found
WordPress WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin <= 1.7.5 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin WordPress Survey & Poll versions = 1.7.5...
CVE-2015-2090
The CVE-2015-2090 issue affects the WordPress Survey and Poll plugin (version 1.1.7) and is caused by a blind SQL injection in the ajax_survey function (settings.php) that processes the survey_id parameter sent to wp-admin/admin-ajax.php. Exploitation could allow remote attackers to execute arbit...