Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-40130 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | N/A | 4.3 MEDIUM |
Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress. | |||||
CVE-2022-1581 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | N/A | 5.3 MEDIUM |
The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations. | |||||
CVE-2016-10936 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option. | |||||
CVE-2015-9352 | 1 Wp-polls Project | 1 Wp-polls | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The wp-polls plugin before 2.72 for WordPress has SQL injection. |