CVE-2024-27996

CVE-2024-27996 affects the WordPress plugin Survey Maker (Survey Maker – Best WordPress Survey Plugin) with a Stored XSS vulnerability caused by improper input neutralization during web page generation. It applies to versions up to and including 4.0.5. The connected documents indicate the issue i...

PT-2024-22194 · Unknown · Survey Maker

Name of the Vulnerable Software and Affected Versions: Survey Maker versions through 4.0.5 Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means that an attacker can inject malicious scripts into...

WordPress Plugin Survey Maker Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

SurveyJS Survey Creator 1.9.132 Cross Site Scripting

Details: Cross Site Scripting vulnerability in Survey JS Survey Creator v.1.9.132 and before allows an attacker to execute arbitrary code via the input field parameters of the creator survey section. ------------------------------------------ Vulnerability Type Cross Site Scripting XSS...

CVE-2023-51521

Cross-Site Request Forgery CSRF vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.18...

CVE-2023-51521 WordPress Quiz And Survey Master plugin <= 8.1.18 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.18...

CVE-2023-51521

CVE-2023-51521: CSRF in ExpressTech Quiz And Survey Master (WordPress plugin) affecting versions up to 8.1.18. CVSS v3.1 base score 5.4 (Medium). No exploitation details publicly documented in the provided sources. Remediation: update to a version later than 8.1.18 (per PT-2024-14175 guidance).

CVE-2023-51521 WordPress Quiz And Survey Master plugin <= 8.1.18 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ExpressTech Quiz And Survey Master.This issue affects Quiz And Survey Master: from n/a through 8.1.18...

WordPress Plugin Quiz And Survey Master Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

WordPress Survey Maker Plugin <= 4.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Survey Maker Type Plugin Vulnerable versions = 4.0.5 Fixed in 4.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27996 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 0c902de7bdda Credits Joel Indra Required privilege Administrat...

WordPress Quiz And Survey Master Plugin <= 8.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.2.2 Fixed in 8.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27966 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b39b4217a315 Credits Marzieh Hashemi Required...

This Week in Spring - March 12th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring! And what a week it's going to be! Do this first: we need your help! Please answer some questions in our State of Spring survey! Join me for a look at the latest-and-greatest, chronicling how I got started with Spring Boot in...

A Bootiful Podcast: Cristian Schuszter on CERN

Hi, Spring fans! In this installment I talk to Cristian Schuszter, a software engineer at CERN. This episode was recorded live at VOXXED DAYS CERN!. Don't forget to help us out with the State of Spring Survey...

BIT-LIMESURVEY-2020-11456

LimeSurvey before 4.1.12+200324 has stored XSS in application/views/admin/surveysgroups/surveySettings.php and application/models/SurveysGroups.php aka survey groups...

BIT-LIMESURVEY-2020-25799

LimeSurvey 3.21.1 is affected by cross-site scripting XSS in the Quota component of the Survey page. When the survey quota being viewed, e.g. by an administrative user, the JavaScript code will be executed in the browser...

This Week in Spring - March 5th, 2024

Hi, Spring fans! Welcome to another exciting roundup of This Week in Spring! I expect many of you are reading this for the first time, especially with Facebook and Instagram being down. People have been exploring all the other lesser-known corners of the web, looking for their daily "doom scroll....

CVE-2024-24309

In the module "Survey TMA" ecomizsurveytma up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction...

CVE-2024-24309

In the module "Survey TMA" ecomizsurveytma up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction...

Design/Logic Flaw

In the module "Survey TMA" ecomizsurveytma up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction...

CVE-2024-24309

In the module "Survey TMA" ecomizsurveytma up to version 2.0.0 from Ecomiz for PrestaShop, a guest can download personal information without restriction...