Vulnerabilities (CVE)

Filtered by vendor Wp-polls Project Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40130 1 Wp-polls Project 1 Wp-polls 2024-11-21 N/A 4.3 MEDIUM
Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress.
CVE-2022-1581 1 Wp-polls Project 1 Wp-polls 2024-11-21 N/A 5.3 MEDIUM
The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
CVE-2016-10936 1 Wp-polls Project 1 Wp-polls 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option.
CVE-2015-9352 1 Wp-polls Project 1 Wp-polls 2024-11-21 7.5 HIGH 9.8 CRITICAL
The wp-polls plugin before 2.72 for WordPress has SQL injection.