CVE-2021-47941

Name of the Vulnerable Software and Affected Versions Survey & Poll version 1.5.7.3

Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code through the wp sap cookie parameter, enabling the extraction of sensitive database information such as usernames, passwords, and other confidential data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.