CVE-2017-1002020

Name of the Vulnerable Software and Affected Versions wordpress plugin surveys version 1.01.8

Description The issue arises from the code in survey form.php, which fails to sanitize the action variable before incorporating it into an SQL query. This lack of sanitization can lead to potential SQL injection issues.

Recommendations For version 1.01.8, ensure proper sanitization of the action variable in the survey form.php file to prevent SQL injection. Consider modifying the code to validate and cleanse user-input data before it is used in SQL queries.