Ays-pro - Survey Maker CVE

Filtered by vendor Ays-pro Subscribe

Filtered by product Survey Maker

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-26256	1 Ays-pro	1 Survey Maker	2022-02-28	4.3 MEDIUM	6.1 MEDIUM
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6).
CVE-2021-24459	1 Ays-pro	1 Survey Maker	2021-08-10	6.5 MEDIUM	8.8 HIGH
The get_results() and get_items() functions in the Survey Maker WordPress plugin before 1.5.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard

Vulnerabilities (CVE)