cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12528,https://securityvulnerability.io/vulnerability/CVE-2024-12528,Stored Cross-Site Scripting in WordPress Survey & Poll Plugin,"The WordPress Survey & Poll Plugin suffers from a Stored Cross-Site Scripting vulnerability through the 'wpsurveypoll_results' shortcode, affecting all versions up to and including 1.7.5. This flaw is due to inadequate input sanitization and output escaping on user-supplied attributes. Authenticated attackers with contributor-level access can exploit this vulnerability to inject arbitrary web scripts into pages. When these pages are accessed by users, the scripts execute, potentially leading to unauthorized actions and data compromise.",Wordpress,"WordPress Survey & Poll – Quiz, Survey And Poll Plugin For WordPress",6.4,MEDIUM,0.0005300000193528831,false,,false,false,false,false,false,false,2025-01-07T03:21:55.299Z,0
CVE-2024-55998,https://securityvulnerability.io/vulnerability/CVE-2024-55998,WordPress Popup Surveys & Polls for WordPress (Mare.io) plugin <= 1.36 - Settings Change vulnerability,Missing Authorization vulnerability in dusthazard Popup Surveys & Polls for WordPress (Mare.io) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Surveys & Polls for WordPress (Mare.io): from n/a through 1.36.,Wordpress,Popup Surveys & Polls For WordPress (mare.io),5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-12-16T14:13:37.248Z,0
CVE-2022-45069,https://securityvulnerability.io/vulnerability/CVE-2022-45069,WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability,Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.,Wordpress,"Crowdsignal Dashboard – Polls, Surveys & More (WordPress Plugin)",6.3,MEDIUM,0.0009699999936856329,false,,false,false,false,,false,false,2022-11-17T00:00:00.000Z,0
CVE-2022-34656,https://securityvulnerability.io/vulnerability/CVE-2022-34656,"WordPress Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 - Authenticated Cross-Site Scripting (XSS) vulnerability","Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.",Wordpress,"Poll, Survey, Questionnaire And Voting System (WordPress Plugin)",4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2022-09-06T18:15:00.000Z,0
CVE-2015-2090,https://securityvulnerability.io/vulnerability/CVE-2015-2090,,SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php.,Wordpress,WordPress Survey And Poll,,,0.001509999972768128,false,,false,false,false,,false,false,2015-02-26T15:00:00.000Z,0