Lucene search
China National Vulnerability DatabaseCNVD-2022-87018HistoryNov 23, 2022 - 12:00 a.m.
WordPress WP-Polls bypasses IP-based restrictions vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
wordpress
wp-polls
vulnerability
ip-based restrictions
bypass
0.001 Low
EPSS
Percentile
30.4%
WP-Polls is a WordPress voting plugin. A vulnerability exists in versions of WordPress WP-Polls prior to 2.76.0 to bypass IP-based restrictions. The vulnerability stems from preferring to get the visitor’s IP from certain HTTP headers instead of PHP’s REMOTE_ADDR, and an attacker can use the vulnerability to bypass IP-based restrictions for voting.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress wp-polls plugin | lt | 2.76.0 |
Related
cvelist
cvelist
CVE-2022-1581 WP-Polls < 2.76.0 - IP Validation Bypass
2022-11-21 00:00:00
nvd
nvd
CVE-2022-1581
2022-11-21 11:15:20
wpvulndb
wpvulndb
WP-Polls < 2.76.0 - IP Validation Bypass
2022-10-31 00:00:00
prion
prion
Design/Logic Flaw
2022-11-21 11:15:00
cve
cve
CVE-2022-1581
2022-11-21 11:15:20
patchstack
patchstack
WordPress WP-Polls plugin <= 2.75.6 - IP Validation Bypass vulnerability
2022-10-31 00:00:00