CVE-2021-47941

WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wpsap cookie parameter. Attackers can craft SQL payloads in the cookie to extract sensitive database...

CVE-2026-1247

The Survey plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above,...

EUVD-2026-13986

The Survey plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above,...

CVE-2026-1247

The Survey plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above,...

CVE-2026-26370

WordPress Plugin "Survey Maker" versions 5.1.7.7 and prior contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser...

CVE-2025-48098 WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through = 5.1.8.8...

CVE-2025-48095

CVE-2025-48095 affects WordPress Survey Maker plugin 5.1.8.8 to mitigate the vulnerability.

WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by balejin in WordPress Plugin Survey Maker versions = 5.1.8.8...

EUVD-2024-50937

Malicious code in bioql PyPI...

CVE-2025-10196 SurveyAnyplace Plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Survey Anyplace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'surveyanyplaceembed' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-32275 WordPress Survey Maker plugin <= 5.1.6.3 - Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker survey-maker allows Identity Spoofing.This issue affects Survey Maker: from n/a through = 5.1.6.3...

WordPress plugin WordPress Survey & Poll SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin WordPress...

CVE-2024-50426 WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through = 5.0.2...

WordPress Survey Maker Plugin <= 5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions = 5.0.2 Fixed in 5.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50426 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 335af01ef67c Credits Marek Mikita Required privilege...

WordPress Survey Maker plugin <= 4.9.7 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Survey Maker versions = 4.9.5...

WordPress Survey Maker Plugin <= 4.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions = 4.9.5 Fixed in 4.9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8488 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7656cef316d3 Credits Jonas Benjamin Friedli...

WordPress Survey Maker Plugin < 4.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions 4.2.9 Fixed in 4.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4061 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fc4ec154ec6c Credits Krugov Artyom Required...

CVE-2024-29918 WordPress Survey Maker plugin <= 4.0.6 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Survey Maker team Survey Maker allows Reflected XSS.This issue affects Survey Maker: from n/a through 4.0.6...

Multiple vulnerabilities in WordPress Plugin "Survey Maker"

Overview WordPress Plugin "Survey Maker" provided by AYS Pro Plugins contains multiple vulnerabilities listed below. Stored cross-site scripting CWE-79 - CVE-2023-34423 Insufficient verification of data authenticity CWE-345 - CVE-2023-35764 Atsuya Yoda of GMO Cybersecurity by Ierae, Inc. reported...

WordPress Survey Maker Plugin <= 4.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions = 4.0.6 Fixed in 4.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29918 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d250068b93d6 Credits Dimas Maulana Required privilege...