Getperfectsurvey Perfect Survey — known CVE vulnerabilities
Every CVE whose affected-product data names Getperfectsurvey Perfect Survey, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-24762 — CVSS 9.8 (critical): The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL…
CVE-2021-24763 — CVSS 8.8 (high): The Perfect Survey WordPress plugin before 1.5.2 does not have proper authorisation nor CSRF checks in the save_global_setting AJAX action…
CVE-2021-24764 — CVSS 6.1 (medium): The Perfect Survey WordPress plugin before 1.5.2 does not sanitise and escape multiple parameters (id and filters[session_id] of…
CVE-2021-24765 — CVSS 6.1 (medium): The Perfect Survey WordPress plugin through 1.5.2 does not validate and escape the X-Forwarded-For header value before outputting it in the…