PatchSiren cyber security CVE debrief

CVE-2021-47941 Modalsurvey CVE debrief

CVE-2021-47941 describes an unauthenticated SQL injection flaw in the WordPress plugin Survey & Poll 1.5.7.3. According to the supplied CVE description and NVD metadata, an attacker can place malicious SQL in the wp_sap cookie parameter and cause the application to execute arbitrary queries against the WordPress database. That can expose sensitive content such as usernames, password material, and other confidential records. The issue is rated HIGH (CVSS 8.8) and maps to CWE-89.

Vendor: Modalsurvey
Product: Unknown
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-10
Original CVE updated: 2026-05-10
Advisory published: 2026-05-10
Advisory updated: 2026-05-10

Who should care

WordPress site owners, managed-service providers, and security teams responsible for sites running Survey & Poll 1.5.7.3 should treat this as a priority exposure, especially if the site is internet-facing. Database administrators and incident responders should also care because successful exploitation can reveal account and credential data stored in WordPress.

Technical summary

The supplied record indicates a network-reachable SQL injection with no privileges and no user interaction required. The attack surface is the wp_sap cookie parameter in Survey & Poll 1.5.7.3. NVD metadata classifies the weakness as CWE-89 and shows a CVSS vector consistent with remote, unauthenticated exploitation. The main defensive concern is unauthorized read access to the backend database; depending on query context and database permissions, broader impact may follow.

Defensive priority

Urgent for any deployment of the affected plugin, especially on exposed WordPress sites.

Recommended defensive actions

  • Inventory WordPress sites for Survey & Poll 1.5.7.3 and remove or disable the plugin if it is not strictly required.
  • Upgrade to a vendor-fixed version if one is available; verify the fix from the plugin maintainer before redeploying.
  • Treat the plugin as potentially exposed to database theft and review WordPress, web server, and database logs for suspicious requests involving the wp_sap cookie.
  • Rotate any credentials or secrets that may have been stored in or derived from the WordPress database if compromise is suspected.
  • Back up affected systems before remediation and validate that the plugin is no longer installed or reachable after changes.
  • If exploitation is suspected, perform incident response steps focused on database integrity, account review, and unauthorized data access.
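
One way to carry out the log review recommended above, as an added example (not code from the plugin, the vendor, or the CVE record). It assumes the access log has been extended to record the Cookie header as a final quoted field, which is not a default; the function names, token list, and sample lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: combined access log with the Cookie header appended as the last
# quoted field (e.g. Apache "%{Cookie}i"); cookies are not logged by default.
COOKIE_FIELD = re.compile(r'"((?:[^"\\]|\\.)*)"\s*$')
WP_SAP = re.compile(r'(?:^|;\s*)wp_sap=([^;]*)')
# Heuristic SQL tokens. The page does not give the cookie's legitimate format,
# so tune this list against known-good traffic before alerting on it.
SQL_TOKENS = re.compile(r"\b(union|select|sleep|benchmark|information_schema|load_file)\b|--|/\*", re.I)

# Constructed sample lines (documentation IP ranges, made-up values).
SAMPLE_LOG = [
    '203.0.113.10 - - [01/Jan/2026:10:00:01 +0000] "GET /poll/ HTTP/1.1" 200 512 "-" "Mozilla/5.0" "wp_sap=12; theme=dark"',
    '203.0.113.77 - - [01/Jan/2026:10:00:05 +0000] "GET /poll/ HTTP/1.1" 200 512 "-" "curl/8.0" "wp_sap=12%2520UNION%2520SELECT%25201"',
    '198.51.100.4 - - [01/Jan/2026:10:00:09 +0000] "GET / HTTP/1.1" 200 900 "-" "Mozilla/5.0" "session=abc"',
]

def decode_fully(value, rounds=3):
    """URL-decode repeatedly so double-encoded values are not missed."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_wp_sap(line):
    """Return the decoded wp_sap value if it contains SQL tokens, else None."""
    field = COOKIE_FIELD.search(line)
    cookie = WP_SAP.search(field.group(1)) if field else None
    if cookie is None:
        return None
    value = decode_fully(cookie.group(1))
    return value if SQL_TOKENS.search(value) else None

def scan(lines):
    """Return (line number, client address, decoded value) for flagged lines."""
    hits = []
    for number, line in enumerate(lines, 1):
        value = suspicious_wp_sap(line)
        if value is not None:
            hits.append((number, line.split(" ", 1)[0], value))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit is a lead for triage, not proof of compromise; correlate flagged client addresses with database and WordPress account activity from the same period.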

Evidence notes

This debrief is based only on the supplied CVE/NVD record and the listed references. The source corpus identifies CVE-2021-47941 as an SQL injection in Survey & Poll 1.5.7.3, tagged CWE-89, with references to the vendor site, a VulnCheck advisory, and a public Exploit-DB listing. Vendor attribution in the corpus is low confidence, so product naming should be treated cautiously.

Official resources

The CVE/NVD record for this issue is publicly available on the supplied publication date, and the source corpus also points to a vendor site, a third-party advisory, and a public exploit reference. This debrief avoids exploit instructions,,