CVE-2021-24762

CRITICAL EXPLOITED IN THE WILD NUCLEI

The Perfect Survey WP <1.5.2 - SQL Injection

Title source: llm

Exploitation Summary

CVE-2021-24762 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 4 public exploits from researchers including Ron Jost, NT1410, c4cnm, including a Metasploit module auxiliary/scanner/http/wp_perfect_survey_sqli. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated SQL injection vulnerability in the WordPress Perfect Survey plugin (versions < 1.5.2) by leveraging the 'question_id' GET parameter in the 'get_question' AJAX action. It uses sqlmap to automate the exploitation process.

Description

The Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.

Exploits (4)

exploitdb WORKING POC

by Ron Jost · pythonwebappsphp

https://www.exploit-db.com/exploits/50766

View Code ZIP pw:eip

This exploit demonstrates an unauthenticated SQL injection vulnerability in the WordPress Perfect Survey plugin (versions < 1.5.2) by leveraging the 'question_id' GET parameter in the 'get_question' AJAX action. It uses sqlmap to automate the exploitation process.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: WordPress Perfect Survey Plugin < 1.5.2

No auth needed

Prerequisites: Target WordPress site with vulnerable Perfect Survey plugin installed · Network access to the target

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WRITEUP

by NT1410 · poc

https://github.com/NT1410/CVE-2021-24762

View Code ZIP pw:eip

This repository documents a penetration testing lab targeting CVE-2021-24762, a SQL injection vulnerability in the Perfect Survey WordPress plugin. It includes detailed steps for reconnaissance, scanning, and exploitation using tools like Nuclei, SQLMap, and Dirsearch, but lacks actual exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WordPress Perfect Survey Plugin 1.5.1

No auth needed

Prerequisites: WordPress installation with vulnerable plugin · Network access to target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Mar 09, 2026 Full analysis →

nomisec WORKING POC

by c4cnm · remote

https://github.com/c4cnm/Exploit_CVE-2021-24762

View Code ZIP pw:eip

This repository contains a functional Python exploit for CVE-2021-24762, a blind SQL injection vulnerability in the WordPress Perfect Survey plugin. The exploit uses time-based SQLi with SLEEP to extract the admin password hash from the default WordPress database structure.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WordPress Perfect Survey plugin < 1.5.2

No auth needed

Prerequisites: Target running WordPress with Perfect Survey plugin < 1.5.2 · Network access to the target's admin-ajax.php endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

metasploit WORKING POC

by Aaryan Golatkar, Ron Jost · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/wp_perfect_survey_sqli.rb

View Code ZIP pw:eip

This Metasploit module exploits an unauthenticated SQL injection vulnerability in the WordPress Perfect Survey plugin (version 1.5.1) to extract sensitive user data, including usernames, emails, and password hashes from the `wp_users` table.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: WordPress Plugin Perfect Survey 1.5.1

No auth needed

Prerequisites: Target must have the vulnerable WordPress plugin installed and accessible

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

WordPress Perfect Survey <1.5.2 - SQL Injection

CRITICALby cckuailong

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://wpscan.com/vulnerability/c1620905-7c31-4e62-80f5-1d9635be11ad

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/166072/WordPress-Perfect-Survey-1.5.1-SQL-Injection.html

Scores

CVSS v3 9.8

EPSS 0.8690

EPSS Percentile 99.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2022-08-19

InTheWild.io 2022-08-19

CWE

CWE-89

Status published

Products (1)

getperfectsurvey/perfect_survey < 1.5.2

Published Feb 01, 2022

Tracked Since Feb 18, 2026