cleantalk
Vulnerabilities and Security Researches

SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity, CVE-2025-32256

CVE, Research URL

CVE-2025-32256

Home page URL

Security reports for SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity

Application

SurveyJS: Drag & Drop WordPress Form Builder to create, style and embed multiple forms of any complexity

Published on
Apr 04, 2025
Research Description
Missing Authorization vulnerability in devsoftbaltic SurveyJS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SurveyJS: from n/a through 1.12.20.
Affected versions
Min -, max 1.12.20.
Status
vulnerable
Previous vulnerability researches
include-file (CVE-2025-30596) , Apr 05, 2025
include-file (CVE-2025-30595) , Mar 26, 2025
New vulnerability
RDP Wiki Embed (CVE-2025-32262) , Apr 06, 2025
AdMail – Back in-stock notifier for WooCommerce (CVE-2025-32234) , Apr 06, 2025
Course Booking System (CVE-2025-32253) , Apr 06, 2025
Radius Blocks – WordPress Gutenberg Blocks (CVE-2025-32159) , Apr 06, 2025
Wishlist (CVE-2025-32272) , Apr 06, 2025