Lucene search
China National Vulnerability DatabaseCNVD-2022-86548HistoryOct 13, 2021 - 12:00 a.m.
WordPress Poll Maker plugin SQL injection vulnerability
2021-10-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
wordpress
php
mysql
sql injection
ajax
vulnerability
password hashes
plugin
EPSS
0.003
Percentile
68.8%
WordPress is the Wordpress Foundation’s suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. SQL injection vulnerability exists in versions prior to WordPress Poll Maker plugin 3.4.2, which stems from the plugin allowing unauthenticated users to perform SQL injection via the ays_finish_Poll AJAX operation. An attacker could use the vulnerability to obtain data such as password hashes.
Related
patchstack
patchstack
wpvulndb
wpvulndb
Poll Maker < 3.4.2 - Unauthenticated Time Based SQL Injection
2021-09-13 00:00:00
cvelist
cvelist
CVE-2021-24651 Poll Maker < 3.4.2 - Unauthenticated Time Based SQL Injection
2021-10-11 10:45:35
wpexploit
wpexploit
Poll Maker < 3.4.2 - Unauthenticated Time Based SQL Injection
2021-09-13 00:00:00
cve
cve
CVE-2021-24651
2021-10-11 11:15:08
prion
prion
Sql injection
2021-10-11 11:15:00
nvd
nvd
CVE-2021-24651
2021-10-11 11:15:08