100 matches found
CVE-2025-32167
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in devsoftbaltic SurveyJS surveyjs allows Stored XSS.This issue affects SurveyJS: from n/a through = 1.12.20...
CVE-2025-32256 WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability
Missing Authorization vulnerability in devsoftbaltic SurveyJS surveyjs allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SurveyJS: from n/a through = 1.12.20...
CVE-2025-32256
CVE-2025-32256 is a missing authorization vulnerability in SurveyJS (WordPress plugin) that allows access to functionality not properly constrained by ACLs. Affected software: SurveyJS: Drag & Drop WordPress Form Builder; vulnerable versions: up to 1.12.20 (inclusive). The CVSS score is 5.3 (Medi...
CVE-2025-32167 WordPress SurveyJS plugin <= 1.12.20 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in devsoftbaltic SurveyJS surveyjs allows Stored XSS.This issue affects SurveyJS: from n/a through = 1.12.20...
CVE-2025-32167
CVE-2025-32167 affects the SurveyJS WordPress form builder plugin (SurveyJS: Drag & Drop WordPress Form Builder) used on WordPress. The issue is a Stored XSS caused by improper neutralization of input during web page generation. Affected versions range up to 1.12.20. The connected documents do no...
CVE-2025-32167 WordPress SurveyJS plugin <= 1.12.20 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in devsoftbaltic SurveyJS allows Stored XSS. This issue affects SurveyJS: from n/a through 1.12.20...
WordPress SurveyJS plugin <= 1.12.20 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin SurveyJS versions = 1.12.20...
PT-2025-14950 · Surveyjs · Surveyjs
Name of the Vulnerable Software and Affected Versions: SurveyJS versions 1.12.20 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables attackers to inject malicious script...
WordPress plugin SurveyJS 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
WordPress plugin SurveyJS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-15012 · Surveyjs · Surveyjs
Name of the Vulnerable Software and Affected Versions: SurveyJS versions 1.12.20 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by Access Control Lists ACLs. This means that certain features or...
CVE-2024-12544
The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJSDeleteFile class in all versions up to, and includin...
CVE-2024-12544
The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJSDeleteFile class in all versions up to, and includin...
CVE-2024-12544 SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity <= 1.12.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFile
The SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the callback function of the SurveyJSDeleteFile class in all versions up to, and includin...
WordPress plugin SurveyJS 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
WordPress SurveyJS plugin <= 1.12.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Deletion via SurveyJS_DeleteFile vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary File Deletion via SurveyJSDeleteFile vulnerability discovered by Thanh Nam Tran in WordPress Plugin SurveyJS versions = 1.12.17...
CVE-2024-36043
questionimage.ts in SurveyJS Form Library before 1.10.4 allows contentMode=youtube XSS via the imageLink property...
CVE-2024-50427
Unrestricted Upload of File with Dangerous Type vulnerability in devsoftbaltic SurveyJS surveyjs.This issue affects SurveyJS: from n/a through = 1.9.136...
Exploit for CVE-2024-50427
CVE-2024-50427 SurveyJS: Drag & Drop WordPress Form Builde...
CVE-2024-50427
Unrestricted Upload of File with Dangerous Type vulnerability in devsoftbaltic SurveyJS surveyjs.This issue affects SurveyJS: from n/a through = 1.9.136...