Lucene search
WPScanCVELIST:CVE-2021-24762HistoryFeb 01, 2022 - 12:21 p.m.
CVE-2021-24762 Perfect Survey < 1.5.2 - Unauthenticated SQL Injection
2022-02-0112:21:23
CWE-89
WPScan
www.cve.org
4
cve-2021-24762
perfect survey
wordpress plugin
unauthenticated
sql injection
EPSS
0.248
Percentile
96.8%
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.
CNA Affected
[
{
"product": "Perfect Survey",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.5.2",
"status": "affected",
"version": "1.5.2",
"versionType": "custom"
}
]
}
]Related
nuclei
nuclei
WordPress Perfect Survey <1.5.2 - SQL Injection
2022-02-25 06:27:21
attackerkb
attackerkb
CVE-2021-24762
2022-02-01 00:00:00
zdt
zdt
prion
prion
Sql injection
2022-02-01 13:15:00
cnvd
cnvd
WordPress Perfect SurveyๆไปถSQLๆณจๅ
ฅๆผๆด
2022-02-10 00:00:00
wpvulndb
wpvulndb
Perfect Survey < 1.5.2 - Unauthenticated SQL Injection
2021-10-05 00:00:00
nvd
nvd
CVE-2021-24762
2022-02-01 13:15:08
exploitdb
exploitdb
WordPress Plugin Perfect Survey - 1.5.1 - SQLi (Unauthenticated)
2022-02-21 00:00:00
patchstack
patchstack
cve
cve
CVE-2021-24762
2022-02-01 13:15:08
packetstorm
packetstorm
WordPress Perfect Survey 1.5.1 SQL Injection
2022-02-21 00:00:00
wpexploit
wpexploit
Perfect Survey < 1.5.2 - Unauthenticated SQL Injection
2021-10-05 00:00:00