CVE-2021-47941
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.2 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Description
WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wp_sap cookie parameter. Attackers can craft SQL payloads in the cookie to extract sensitive database information including usernames, passwords, and other confidential data from the WordPress database.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-89
Source
NVD
Vendor
Modalsurvey
Product
Survey & Poll
Discussion (0)
Add Comment
No comments yet. Be the first!