WordPress is a set of blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress YOP Poll Plugin, which stems from a lack of checksum filtering of user-supplied and output data by the create_yop_poll parameter within the product administrator preview module. An attacker could use this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress yop poll | lt | 6.3.1 |