Lucene search
K

4 matches found

OSV
OSV
added 2025/01/30 2:15 p.m.1 views

CVE-2024-13596

The WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the 'id' attribute of the 'survey' shortcode in all versions up to, and including, 1.7.5 due to insufficient escaping on the user supplied parameter and lack of...

6.5CVSS7.3AI score0.00335EPSS
Exploits0References2
Hacker One
Hacker One
added 2020/06/23 4:36 a.m.25 views

Automattic: No Rate Limit when accessing "Password protection" enabled surveys leads to bypassing passwords via "pd-pass_surveyid" cookie

Summary: Hi team, If you write the right password on any password protected survey, you will see this request : F878934 This request is protected with rate limit, that's great. But if you look to response, you will see a cookie. The password protection feature is cookie-based system. In my survey...

7.2AI score
Exploits0
OSV
OSV
added 2017/09/14 1:29 p.m.3 views

CVE-2017-1002021

Vulnerability in wordpress plugin surveys v1.01.8, The code in individualresponses.php does not sanitize the surveyid variable before placing it inside of an SQL query...

9.8CVSS5.9AI score0.03628EPSS
Exploits1References3
CNVD
CNVD
added 2015/02/28 12:0 a.m.4 views

Wordpress Plugin WordPress Survey and Poll SQL Injection Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports personal blog sites set up on PHP and MySQL servers.WordPress Survey and Poll is one of the survey and poll plugin. A SQL injection vulnerability exists in the...

7.5CVSS8.3AI score0.04737EPSS
Exploits1References1
Rows per page
Query Builder