CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-1002020

Vulnerability in wordpress plugin surveys v1.01.8, The code in survey_form.php does not sanitize the action variable before placing it inside of an SQL query.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.109

EPSS Ranking 93.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.vapidlabs.com/advisory.php?v=193
https://wordpress.org/plugins/surveys/
https://wpvulndb.com/vulnerabilities/8833
http://www.vapidlabs.com/advisory.php?v=193
https://wordpress.org/plugins/surveys/
https://wpvulndb.com/vulnerabilities/8833

Products affected by CVE-2017-1002020

Surveys Project » Surveys » Version: 1.01.8

cpe:2.3:a:surveys_project:surveys:1.01.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-1002020

Products

Pricing

Contact Us