WordPress Light Poll plugin <= 1.0.0 - Polls Deletion via CSRF vulnerability

Polls Deletion via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin Light Poll versions = 1.0.0...

CVE-2024-6720

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-6496

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks when deleting polls, which could allow attackers to make logged in users perform such action via a CSRF attack...

WordPress Light Poll 1.0.0 Cross Site Request Forgery Vulnerability

Exploit Title: Light Poll history.pushState'', '', '/'; document.forms0.submit; Reference: https://wpscan.com/vulnerability/d598eabd-a87a-4e3e-be46-a5c5cc3f130e/ Exploit Title: Light Poll and are valid: https://example.com/wp-admin/admin.php?page=pollsettings&task=r...

WordPress Light Poll 1.0.0 Cross Site Request Forgery

Exploit Title: Light Poll history.pushState'', '', '/'; document.forms0.submit; Reference: https://wpscan.com/vulnerability/d598eabd-a87a-4e3e-be46-a5c5cc3f130e/ Exploit Title: Light Poll and are...

CVE-2024-6720

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-6720

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-6720 Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-6720 Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

CVE-2024-6720

CVE-2024-6720 affects Light Poll WordPress plugin (

WordPress plugin Light Poll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-37820 · WordPress · The Light Poll

Name of the Vulnerable Software and Affected Versions: The Light Poll WordPress plugin version 1.0.0 Description: The issue concerns the lack of CSRF checks in certain areas, potentially allowing attackers to trick logged-in users into performing unintended actions through CSRF attacks...

CVE-2024-6496

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks when deleting polls, which could allow attackers to make logged in users perform such action via a CSRF attack...

CVE-2024-6496 Light Poll <= 1.0.0 - Polls Deletion via CSRF

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks when deleting polls, which could allow attackers to make logged in users perform such action via a CSRF attack...

CVE-2024-6496 Light Poll <= 1.0.0 - Polls Deletion via CSRF

The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks when deleting polls, which could allow attackers to make logged in users perform such action via a CSRF attack...

WordPress plugin Light Poll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Light Poll plugin <= 1.0.0 - Poll Answers Deletion via CSRF vulnerability

Poll Answers Deletion via CSRF vulnerability discovered by Vuln Seeker Cybersecurity Team in WordPress Plugin Light Poll versions = 1.0.0...

WordPress Light Poll Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Light Poll Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6720 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 167c407c922d Credits Vuln Seeker Cybersecurity...

CVE-2009-0295

SQL injection vulnerability in index.php in Information Technology Light Poll Information ITLPoll 2.7 Stable 2, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...