3 matches found
CVE-2024-8488 Survey Maker – Customer Satisfaction Questionnaire, Chat Survey, Calculation Form, Payment Forms <= 4.9.7 - Authenticated (Admin+) Stored Cross-Site Scripting
The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Survey fields in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...
CVE-2024-8488
CVE-2024-8488: Survey Maker for WordPress is affected by a stored XSS in Survey fields up to version 4.9.7. Exploitation requires authenticated admin-level access on multi-site installs with unfiltered_html disabled. Remediation per PTSecurity: update to a version later than 4.9.7. All public doc...
WordPress Survey Maker Plugin <= 4.9.5 is vulnerable to Cross Site Scripting (XSS)
Software Survey Maker Type Plugin Vulnerable versions = 4.9.5 Fixed in 4.9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8488 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7656cef316d3 Credits Jonas Benjamin Friedli...