CVE-2021-24763
The Perfect Survey WordPress plugin before 1.5.2 does not have proper authorisation nor CSRF checks in the saveglobalsetting AJAX action, allowing unauthenticated users to edit surveys and modify settings. Given the lack of sanitisation and escaping in the settings, this could also lead to a Stor...