CVE-2025-28878

UNKNOWN 0.0

WordPress Awesome Surveys plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Will Brubaker Awesome Surveys awesome-surveys allows Stored XSS.This issue affects Awesome Surveys: from n/a through <= 2.0.10.

CWE	CWE-79
Vendor	will brubaker
Product	awesome surveys
Published	Mar 11, 2025
Last Updated	Apr 1, 2026

Stay Ahead of the Next One

Get instant alerts for will brubaker awesome surveys

Be the first to know when new unknown vulnerabilities affecting will brubaker awesome surveys are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Will Brubaker / Awesome Surveys

0 ≤ 2.0.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

patchstack.com: https://patchstack.com/database/Wordpress/Plugin/awesome-surveys/vulnerability/wordpress-awesome-surveys-plugin-2-0-10-cross-site-scripting-xss-vulnerability?_s_id=cve

Credits

Nabil Irawan | Patchstack Bug Bounty Program