CVE-2021-24442
published 2021-07-12CVE-2021-24442: The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before…
PriorityP185critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
46.92%
98.7th percentile
The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wpdevart | poll_survey_questionnaire_and_voting_system | < 1.5.3 | 1.5.3 |
Detection & IOCsextracted from sources · hover to see the quote
bytes
4a0a0047304502205a4203fc0b7487daeea5ec7beb53fbf3c0eeb515f32c34a4605f7ccbc0339154022100badb43634bbb19363600b7343a0e54f19653562580c9a746b8ed8d1722469493:922c64590222798bb761d5b6d8e72950
- →Monitor POST requests containing the `date_answers[]` parameter for SQL injection payloads; this parameter is unsanitised and passed directly into a SQL statement by the plugin before version 1.5.3. ↗
- →Exploitation is unauthenticated; look for anomalous POST requests to poll/survey/voting endpoints from unauthenticated sessions (no valid WordPress auth cookies) containing SQL metacharacters in `date_answers[]`. ↗
- →The nuclei/detection rule targets the 'Poll, Survey, Questionnaire and Voting system' WordPress plugin; fingerprint installations of this plugin (versions < 1.5.3) as a priority for scanning.
- ·The vulnerability affects only versions of the plugin strictly before 1.5.3; version 1.5.3 and later include the fix. ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck9.8CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rrj8-8872-rq8p: The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1
ghsa_unreviewed·2022-05-24
CVE-2021-24442 [CRITICAL] CWE-89 GHSA-rrj8-8872-rq8p: The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1
The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks
VulnCheck
wpdevart poll\,_survey\,_questionnaire_and_voting_system Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
vulncheck·2021·CVSS 9.8
CVE-2021-24442 [CRITICAL] wpdevart poll\,_survey\,_questionnaire_and_voting_system Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
wpdevart poll\,_survey\,_questionnaire_and_voting_system Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks
Affected: wpdevart poll\,_survey\,_questionnaire_and_voting_system
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2025-06-06&host_type=src&vulnerability=cve-2021-24
No detection rules found.
Nuclei
Wordpress Polls Widget < 1.5.3 - SQL Injection
nuclei·CVSS 9.8
CVE-2021-24442 [CRITICAL] Wordpress Polls Widget < 1.5.3 - SQL Injection
Wordpress Polls Widget =5'
- 'status_code == 200'
- 'contains_all(body, "{\"answer_name", "vote\":")'
condition: and
# digest: 4a0a0047304502205a4203fc0b7487daeea5ec7beb53fbf3c0eeb515f32c34a4605f7ccbc0339154022100badb43634bbb19363600b7343a0e54f19653562580c9a746b8ed8d1722469493:922c64590222798bb761d5b6d8e72950
2021-07-12
Published
Exploited in the wild