107 matches found
CVE-2025-49044 WordPress Simple Poll plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in tosend.it Simple Poll simple-poll allows Stored XSS.This issue affects Simple Poll: from n/a through = 1.1.1...
WordPress Simple Poll plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by TAKERU OTSUKA Patchstack Alliance in WordPress Plugin Simple Poll versions = 1.1.1...
CVE-2025-3880
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on several functions in all versions up to, and including, 19.9.0. This makes it possible for authenticated attackers, with...
CVE-2025-5841
The ACF Onyx Poll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘class’ parameter in all versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access a...
CVE-2024-6720
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
CVE-2024-8625
The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...
CVE-2023-34013
Server-Side Request Forgery SSRF vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2...
CVE-2021-24834
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...
CVE-2021-24454
In the YOP Poll WordPress plugin before 6.2.8, when a pool is created with the options "Allow other answers", "Display other answers in the result list" and "Show results", it can lead to Stored Cross-Site Scripting issues as the 'Other' answer is not sanitised before being output in the page. Th...
CVE-2021-24833
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to...
CVE-2019-9914
The yop-poll plugin before 6.0.3 for WordPress has wp-admin/admin.php?page=yop-polls=view-votes pollid XSS...
CVE-2013-1401
Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll...
CVE-2013-1400
Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or pollid parameter in a viewPollResults or userlogs action...
CVE-2025-3470
CVE-2025-3470 describes an authenticated SQL Injection in the WordPress plugin TS Poll – Survey, Versus Poll, Image Poll, Video Poll, affecting versions up to and including 2.4.6. The root cause is insufficient escaping of the user-supplied s parameter and inadequate preparation in the existing S...
WordPress plugin TS Poll SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress plugin CBX Poll 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
WordPress WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin <= 1.7.5 - Authenticated (Contributor+) SQL Injection vulnerability
Authenticated Contributor+ SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin WordPress Survey & Poll versions = 1.7.5...
WordPress plugin TS Poll 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin TS Poll SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress TS Poll plugin <= 2.3.9 - Authenticated (Administrator+) SQL Injection via orderby Parameter vulnerability
Authenticated Administrator+ SQL Injection via orderby Parameter vulnerability discovered by WordFence in WordPress Plugin TS Poll versions = 2.4.0...