The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll settings in all versions up to, and including, 5.4.6 due to insufficient input sanitization and output escaping. This allows authenticated attackers with administrator-level permissions to inject arbitrary web scripts
Reporter | Title | Published | Views | Family All 5 |
---|---|---|---|---|
![]() | CVE-2024-9462 Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via Poll Settings | 26 Oct 202401:58 | – | cvelist |
![]() | WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to Cross Site Scripting (XSS) | 25 Oct 202400:00 | – | patchstack |
![]() | CVE-2024-9462 | 26 Oct 202403:15 | – | nvd |
![]() | CVE-2024-9462 Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting via Poll Settings | 26 Oct 202401:58 | – | vulnrichment |
![]() | Wordfence Intelligence Weekly WordPress Vulnerability Report (October 21, 2024 to October 27, 2024) | 31 Oct 202415:37 | – | wordfence |
[
{
"vendor": "ays-pro",
"product": "Poll Maker – Versus Polls, Anonymous Polls, Image Polls",
"versions": [
{
"version": "*",
"status": "affected",
"lessThanOrEqual": "5.4.6",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo