9 matches found
CVE-2025-13006
The CVE-2025-13006 entry concerns the WordPress plugin SurveyFunnel – Survey Plugin for WordPress (vulnerable through all versions up to and including 1.1.5). The vulnerability is an Information Disclosure via unprotected REST API endpoints under /wp-json/surveyfunnel/v2/, allowing unauthenticate...
PT-2025-49190
The SurveyFunnel – Survey Plugin for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.5 via several unprotected /wp-json/surveyfunnel/v2/ REST API endpoints. This makes it possible for unauthenticated attackers to extract...
EUVD-2019-7001
Malware in sbrugna...
Limited Canva Creator Data Exposed Via AI Chatbot Database
A Chroma database operated by Russian AI chatbot startup My Jedai was found exposed online, leaking survey responses…...
CVE-2019-16184
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their survey responses that will be included in the export CSV file...
More AIs Are Taking Polls and Surveys
I already knew about the declining response rate for polls and surveys. The percentage of AI bots that respond to surveys is also increasing. Solutions are hard: 1. Make surveys less boring. We need to move past bland, grid-filled surveys and start designing experiences people actually want to...
Moodle 3.11.x < 3.11.18 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...
Moodle 4.1.x < 4.1.7 Multiple Vulnerabilities
According to its self-reported version, the Moodle install hosted on the remote host is prior to 3.9.25 / 3.11.x prior to 3.11.18 / 4.0.x prior to 4.0.12 / 4.1.x prior to 4.1.7 / 4.2.x prior to 4.2.4. It is, therefore, affected by multiple vulnerabilities: - XSS risk when manually running a task ...
Input validation
A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their survey responses that will be included in the export CSV file...