Matheus Camargo (c4cnm)

1 exploit Active since Feb 2022
CVE-2021-24762 NOMISEC CRITICAL WORKING POC
The Perfect Survey WP <1.5.2 - SQL Injection
The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.
CVSS 9.8