Report
SQL injection vulnerability in the ajax_survey function in settings.php in the WordPress Survey and Poll plugin 1.1.7 for Wordpress allows remote attackers to execute arbitrary SQL commands via the survey_id parameter in an ajax_survey action to wp-admin/admin-ajax.php.
Score:9.8
Severity:Critical
Version: 1.1
There is a patch available in v1.2 and we strongly recommend you update to this version as soon as possible.
