Vulnerabilities > AYS PRO > Survey Maker > 4.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-10 | CVE-2025-32275 | Authentication Bypass by Spoofing vulnerability in Ays-Pro Survey Maker Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing. | 5.3 |
| 2025-02-04 | CVE-2025-22664 | Cross-site Scripting vulnerability in Ays-Pro Survey Maker Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS. | 4.8 |
| 2025-01-26 | CVE-2024-13505 | Cross-site Scripting vulnerability in Ays-Pro Survey Maker The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ays_sections[5][questions][8][title]’ parameter in all versions up to, and including, 5.1.3.3 due to insufficient input sanitization and output escaping. | 4.8 |
| 2024-10-29 | CVE-2024-50426 | Cross-site Scripting vulnerability in Ays-Pro Survey Maker Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.This issue affects Survey Maker: from n/a through 5.0.2. | 4.8 |