Security Advisory

CVE-2021-24442

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-12 19:21:04

Last updated 2024-08-03 19:28:23

Assigner WPScan

State PUBLISHED

Description

The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks

← Browse all CVEs View on cve.org ↗