WP-Polls is a WordPress voting plugin. A vulnerability exists in versions of WordPress WP-Polls prior to 2.76.0 to bypass IP-based restrictions. The vulnerability stems from preferring to get the visitor’s IP from certain HTTP headers instead of PHP’s REMOTE_ADDR, and an attacker can use the vulnerability to bypass IP-based restrictions for voting.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wp-polls plugin | lt | 2.76.0 |