Vulnerabilities > AYS PRO > Survey Maker > 1.2.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-21 | CVE-2021-26256 | Cross-site Scripting vulnerability in Ays-Pro Survey Maker Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Survey Maker WordPress plugin (versions <= 2.0.6). | 6.1 |
| 2021-08-02 | CVE-2021-24459 | Unspecified vulnerability in Ays-Pro Survey Maker The get_results() and get_items() functions in the Survey Maker WordPress plugin before 1.5.6 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | 8.8 |