CVE-2024-50426

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through = 5.0.2...

CVE-2024-50426 WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through = 5.0.2...

CVE-2024-50426 WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through = 5.0.2...

CVE-2024-50426

CVE-2024-50426 is a stored XSS vulnerability in the WordPress plugin Survey Maker (versions

PT-2024-34200 · Unknown · Survey Maker

Name of the Vulnerable Software and Affected Versions: Survey Maker versions through 5.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For versions...

WordPress plugin Survey Maker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin Survey Maker versions = 5.0.2...

WordPress Survey Maker Plugin <= 5.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions = 5.0.2 Fixed in 5.0.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50426 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 335af01ef67c Credits Marek Mikita Required privilege...

The vulnerability of the PopupSiteSurveyRpm component (/userRpm/popupSiteSurveyRpm.htm) in the TP-Link TL-WR740N router software allows a hacker to execute arbitrary code.

The vulnerability of TP-Link TL-WR740N router’s microprogramming software is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially crafted POST request...

The vulnerability of TP-Link WR941ND router’s microprogramming software, related to the execution of operations outside the buffer in memory, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of TP-Link WR941ND router’s microprogramming software lies in the fact that the operation exceeds the buffer limits in memory when processing the page /userRpm/popupSiteSurveyRpm.htm with the parameter ssid. Exploiting this vulnerability allows a remote attacker to compromise th...

PT-2024-39367 · WordPress · Ts Poll – Survey

Name of the Vulnerable Software and Affected Versions: TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress versions up to, and including, 2.3.9 Description: The issue arises from insufficient escaping on the user-supplied orderby parameter and lack of sufficient preparation...

CVE-2024-8488

The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Survey fields in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2024-8488

The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Survey fields in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2024-8488 Survey Maker – Customer Satisfaction Questionnaire, Chat Survey, Calculation Form, Payment Forms <= 4.9.7 - Authenticated (Admin+) Stored Cross-Site Scripting

The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Survey fields in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

WordPress Survey Maker plugin <= 4.9.7 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Survey Maker versions = 4.9.5...

WordPress plugin Survey Maker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Survey Maker Plugin <= 4.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions = 4.9.5 Fixed in 4.9.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8488 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7656cef316d3 Credits Jonas Benjamin Friedli...

PT-2024-39053 · WordPress · Survey Maker

Name of the Vulnerable Software and Affected Versions: Survey Maker plugin for WordPress versions up to, and including, 4.9.7 Description: The issue is related to Stored Cross-Site Scripting via Survey fields due to insufficient input sanitization and output escaping. This allows authenticated...

CVE-2024-46325

TP-Link WR740N V6 has a stack overflow vulnerability via the ssid parameter in /userRpm/popupSiteSurveyRpm.htm url...

PT-2024-22530 · Unknown · Limesurvey

Name of the Vulnerable Software and Affected Versions: LimeSurvey versions prior to 6.5.12+240611 Description: A Cross Site Scripting vulnerability allows a remote attacker to execute arbitrary code via a crafted script to the title and comment fields. This issue enables the execution of arbitrar...