Survey Maker
Approved changes feed: RSS · Atom
cpe:2.3:a:ays_pro:survey_maker:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ays Pro (baec0466-3d3a-5cae-863d-5da547e565f4) |
|---|---|
| Product | Survey Maker (92b0c1a2-0e45-5876-85ae-47056ba93f2f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-26370 |
vulnerable | 2026-06-03 15:18:05.665026 |
Details available
MEDIUM (6.1)
WordPress Plugin "Survey Maker" versions 5.1.7.7 and prior contain a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed in the user's web browser.
Published: 2026-02-20T07:42:15.263Z
Updated: 2026-02-20T13:54:24.585Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-64276 |
vulnerable | 2026-06-03 15:09:37.659812 |
WordPress Survey Maker plugin <= 5.1.9.4 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in Ays Pro Survey Maker survey-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through <= 5.1.9.4.
Published: 2025-11-13T09:24:31.911Z
Updated: 2026-04-28T18:29:22.429Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-48098 |
vulnerable | 2026-06-03 15:01:34.117082 |
WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.1.8.8.
Published: 2025-10-22T14:32:07.268Z
Updated: 2026-04-28T20:18:25.154Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-48095 |
vulnerable | 2026-06-03 15:01:34.112327 |
WordPress Survey Maker plugin <= 5.1.8.8 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.1.8.8.
Published: 2025-10-22T14:32:06.692Z
Updated: 2026-04-28T20:18:05.889Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32275 |
vulnerable | 2026-06-03 15:00:40.392186 |
WordPress Survey Maker plugin <= 5.1.6.3 - Bypass vulnerability
MEDIUM (4.3)
Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker survey-maker allows Identity Spoofing.This issue affects Survey Maker: from n/a through <= 5.1.6.3.
Published: 2025-04-10T08:09:47.813Z
Updated: 2026-04-29T09:51:54.971Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-22664 |
vulnerable | 2026-06-03 14:59:41.102166 |
WordPress Survey Maker Plugin <= 5.1.3.5 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.1.3.5.
Published: 2025-02-04T14:21:57.841Z
Updated: 2026-04-28T16:11:03.839Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-50426 |
vulnerable | 2026-06-03 14:57:24.248783 |
WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Survey Maker survey-maker allows Stored XSS.This issue affects Survey Maker: from n/a through <= 5.0.2.
Published: 2024-10-29T08:43:38.044Z
Updated: 2026-05-12T23:02:12.749Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-22697 |
vulnerable | 2026-06-03 14:49:20.026430 |
WordPress Survey Maker plugin <= 3.2.0 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in Survey Maker team Survey Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Survey Maker: from n/a through 3.2.0.
Published: 2024-12-13T14:22:12.844Z
Updated: 2026-04-28T16:07:59.235Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24459 |
vulnerable | 2026-06-03 14:43:57.204766 |
Survey Maker < 1.5.6 - Authenticated Blind SQL Injections
The get_results() and get_items() functions in the Survey Maker WordPress plugin before 1.5.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
Published: 2021-08-02T10:32:04.000Z
Updated: 2024-08-03T19:35:18.684Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.