7 matches found
CVE-2021-24762
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the questionid GET parameter before using it in a SQL statement in the getquestion AJAX action, allowing unauthenticated users to perform SQL injection...
CVE-2021-24762
creationtimestamp| type| source ---|---|--- 2022-06-20 19:53:12+00:00| published-proof-of-concept| https://t.me/LeakingXTeam/20993 2022-06-20 19:53:12+00:00| published-proof-of-concept| https://t.me/spammerspacer/33792 2022-06-20 19:53:12+00:00| published-proof-of-concept|...
WordPress Perfect Survey 1.5.1 SQL Injection
Exploit Title: WordPress Plugin Perfect Survey - 1.5.1 - SQLi Unauthenticated Date 18.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.getperfectsurvey.com/ Software Link:...
WordPress Perfect Survey Plugin - 1.5.1 - SQL injection (Unauthenticated) Exploit
Exploit Title: WordPress Plugin Perfect Survey - 1.5.1 - SQLi Unauthenticated Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.getperfectsurvey.com/ Software Link: https://web.archive.org/web/20210817031040/https://downloads.wordpress.org/plugin/perfect-survey.1.5.1.zip Version:...
WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
Exploit Title: WordPress Plugin Perfect Survey - 1.5.1 - SQLi Unauthenticated Date 18.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://www.getperfectsurvey.com/ Software Link:...
CVE-2021-24762 Perfect Survey < 1.5.2 - Unauthenticated SQL Injection
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the questionid GET parameter before using it in a SQL statement in the getquestion AJAX action, allowing unauthenticated users to perform SQL injection...
CVE-2021-24762
CVE-2021-24762 affects WordPress Perfect Survey plugin versions before 1.5.2. The get_question AJAX action does not validate/escape the question_id parameter, enabling unauthenticated SQL injection. Consequences can include unauthorized access to data and potential compromise of the database. Rem...