CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32275 – WordPress Survey Maker plugin <= 5.1.5.4 - Bypass vulnerability
https://notcve.org/view.php?id=CVE-2025-32275
07 Apr 2025 — Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing. This issue affects Survey Maker: from n/a through 5.1.5.4. The Survey Maker plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.5.5. This makes it possible for unauthenticated attackers to by bypass some level of control, though it is unclear what this means from the original reporting CNA. • https://patchstack.com/database/wordpress/plugin/survey-maker/vulnerability/wordpress-survey-maker-plugin-5-1-5-0-bypass-vulnerability-vulnerability?_s_id=cve • CWE-285: Improper Authorization CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-22664 – WordPress Survey Maker Plugin <= 5.1.3.5 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-22664
03 Feb 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS. This issue affects Survey Maker: from n/a through 5.1.3.5. The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 5.1.3.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access and above, to inject arbitrary w... • https://patchstack.com/database/wordpress/plugin/survey-maker/vulnerability/wordpress-survey-maker-plugin-5-1-3-5-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50426 – WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-50426
24 Oct 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.This issue affects Survey Maker: from n/a through 5.0.2. Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Survey Maker team Survey Maker permite XSS almacenado. Este problema afecta a Survey Maker: desde n/a hasta 5.0.2. The Survey Maker plugin for WordPress is vulnerable t... • https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-5-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-29918 – WordPress Survey Maker plugin <= 4.0.6 - Reflected Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-29918
25 Mar 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Reflected XSS.This issue affects Survey Maker: from n/a through 4.0.6. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en Survey Maker team Survey Maker permite XSS reflejado. Este problema afecta a Survey Maker: desde n/a hasta 4.0.6. The Survey Maker plugin for WordPress is vulnerable to Reflected... • https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-4-0-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27996 – WordPress Survey Maker plugin <= 4.0.5 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-27996
15 Mar 2024 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.This issue affects Survey Maker: from n/a through 4.0.5. Vulnerabilidad de neutralización inadecuada de la entrada durante la generación de páginas web ('Cross-site Scripting') en Survey Maker team Survey Maker permite almacenar XSS. Este problema afecta a Survey Maker: desde n/a hasta 4.0.5. The Survey Maker – Best WordPress Survey Plugin plugin for WordPres... • https://patchstack.com/database/vulnerability/survey-maker/wordpress-survey-maker-plugin-4-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22697 – WordPress Survey Maker plugin <= 3.2.0 - Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2023-22697
27 Jan 2023 — Missing Authorization vulnerability in Survey Maker team Survey Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through 3.2.0. The Survey Maker plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in all versions up to, and including, 3.2.0. This makes it possible for unauthenticated attackers to perform an unauthorized action. • https://patchstack.com/database/wordpress/plugin/survey-maker/vulnerability/wordpress-survey-maker-plugin-3-2-0-broken-access-control-vulnerability?_s_id=cve • CWE-862: Missing Authorization •