Lucene search
+L

264 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:15 a.m.6 views

CVE-2024-9475

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the orderby parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the...

7.2CVSS6.6AI score0.00476EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:3 a.m.14 views

CVE-2024-3601

The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ayspollcreateauthor function in all versions up to, and including, 5.1.8. This makes it possible for unauthenticated attackers to extract email...

5.3CVSS6.7AI score0.00584EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:5 a.m.7 views

CVE-2024-56295

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 5.5.6...

6.5CVSS7.2AI score0.00429EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:21 a.m.5 views

CVE-2023-34013

Server-Side Request Forgery SSRF vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2...

7.5CVSS7.8AI score0.00445EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:13 a.m.11 views

CVE-2023-41871

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Poll Maker Team Poll Maker plugin = 4.7.0 versions...

7.1CVSS5.9AI score0.0033EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 2:14 a.m.9 views

CVE-2023-45766

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 4.7.1...

5.3CVSS7.3AI score0.00343EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:14 p.m.12 views

CVE-2022-1456

The Poll Maker WordPress plugin before 4.0.2 does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store Cross-Site Scripting attack even when unfilteredhtml is disallowed...

4.8CVSS6AI score0.00565EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:32 p.m.8 views

CVE-2021-24651

The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated users to perform SQL injection via the aysfinishpoll AJAX action. While the result is not disclosed in the response, it is possible to use a timing attack to exfiltrate data such as password hash...

7.5CVSS8AI score0.01587EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:22 p.m.6 views

CVE-2021-24483

The getpollcategories, getpolls and getreports functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard...

7.2CVSS7.7AI score0.01409EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:25 p.m.10 views

CVE-2025-47545

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

8.1CVSS7.2AI score0.00275EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 3:16 p.m.5 views

CVE-2025-47545

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker allows Leveraging Race Conditions. This issue affects Poll Maker: from n/a through 5.7.7...

8.1CVSS5.8AI score0.00275EPSS
Exploits0References1
NVD
NVD
added 2025/05/07 3:16 p.m.15 views

CVE-2025-47545

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

8.1CVSS0.00275EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 2:20 p.m.33 views

CVE-2025-47545 WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

5.3CVSS0.00275EPSS
Exploits0References1
CVE
CVE
added 2025/05/07 2:20 p.m.62 views

CVE-2025-47545

CVE-2025-47545 relates to a race condition in the WordPress plugin Poll Maker. Affected software: Poll Maker versions n/a through 5.7.7. Root cause per sources: Concurrent execution using a shared resource with improper synchronization. Documented impact aligns with race conditions (no concrete e...

8.1CVSS7.2AI score0.00275EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/07 2:20 p.m.9 views

CVE-2025-47545 WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through = 5.7.7...

5.3CVSS8.6AI score0.00275EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/05/07 12:41 p.m.8 views

WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability

Race Condition Vulnerability discovered by Ibrahim Mohammad in WordPress Plugin Poll Maker versions = 5.7.7...

8.1CVSS8.2AI score0.00275EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.6 views

PT-2025-20158 · Unknown · Ays Pro Poll Maker

Name of the Vulnerable Software and Affected Versions: Ays Pro Poll Maker versions n/a through 5.7.7 Description: The issue is related to a 'Race Condition' vulnerability, which occurs due to concurrent execution using shared resources with improper synchronization. This allows for leveraging rac...

8.1CVSS8.4AI score0.00275EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/07 12:0 a.m.7 views

WordPress plugin Poll Maker 竞争条件问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A competitive...

8.1CVSS8.3AI score0.00275EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 11:48 p.m.8 views

CVE-2025-24577

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 5.5.0...

9.8CVSS5.9AI score0.00377EPSS
Exploits0References1
NVD
NVD
added 2025/04/17 4:15 p.m.7 views

CVE-2025-24577

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 5.5.0...

9.8CVSS0.00377EPSS
Exploits0References1
Rows per page
Query Builder