CVE-2023-27449 WordPress Total Poll Lite plugin <= 4.8.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in TotalSuite Total Poll Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Total Poll Lite: from n/a through 4.8.6...

CVE-2023-27449

CVE-2023-27449: WordPress Total Poll Lite plugin &lt;= 4.8.6 suffers a Missing Authorization (Broken Access Control) vulnerability. The issue allows exploitation due to incorrectly configured access control with a required privilege of Subscriber. A fix is available in version 4.8.7; upgrading mi...

CVE-2023-50904 WordPress Poll Maker plugin <= 4.8.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 4.8.0...

CVE-2023-50904 WordPress Poll Maker plugin <= 4.8.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 4.8.0...

PT-2024-12131 · Unknown · Total Poll Lite

Name of the Vulnerable Software and Affected Versions: Total Poll Lite versions through 4.8.6 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through 4.8.6,...

WordPress plugin Poll Maker 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-14002 · Unknown · Poll Maker

Name of the Vulnerable Software and Affected Versions: Poll Maker versions through 4.8.0 Description: The issue is related to a Missing Authorization vulnerability in Poll Maker, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions through...

WordPress plugin Total Poll Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-12115

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.4. This is due to missing or incorrect nonce validation on the duplicatepoll function. This makes it possible for unauthenticated...

CVE-2024-12115

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.4. This is due to missing or incorrect nonce validation on the duplicatepoll function. This makes it possible for unauthenticated...

CVE-2024-12115 Poll Maker <= 5.5.4 - Cross-Site Request Forgery to Poll Duplication

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.4. This is due to missing or incorrect nonce validation on the duplicatepoll function. This makes it possible for unauthenticated...

CVE-2024-12115 Poll Maker <= 5.5.4 - Cross-Site Request Forgery to Poll Duplication

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.4. This is due to missing or incorrect nonce validation on the duplicatepoll function. This makes it possible for unauthenticated...

CVE-2024-12115

CVE-2024-12115 concerns the WordPress plugin Poll Maker – Versus Polls, Anonymous Polls, Image Polls. The issue is a Cross-Site Request Forgery due to missing or incorrect nonce validation in the duplicate_poll() function, enabling unauthenticated attackers to duplicate polls by inducing a site a...

WordPress plugin Poll Maker 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

PT-2024-17447 · WordPress · The Poll Maker – Versus Polls

Name of the Vulnerable Software and Affected Versions: The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress versions up to, and including, 5.5.4 Description: The issue is due to missing or incorrect nonce validation on the duplicate poll function, making it possible fo...

WordPress Poll Maker plugin <= 5.5.4 - Cross-Site Request Forgery to Poll Duplication vulnerability

Cross-Site Request Forgery to Poll Duplication vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Poll Maker versions = 5.5.4...

CLSA-2024-1731603213 Fix of 76 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-44946 - kcm: Serialise kcmsendmsg for the same socket. CVE-url: https://ubuntu.com/security/CVE-2024-42292 - kobjectuevent: Fix OOB access within zapmodaliasenv CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nftables: prefer...

MAL-2024-10669 Malicious code in http-long-poll-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97d2b613846d6d46382d7e35948448e2562b6e56751ade4e47ddec292c2048c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

kernel: null_blk: fix poll request timeout handling

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix poll request timeout handling When doing iouring benchmark on /dev/nullb0, it's easy to crash the kernel if poll requests timeout triggered, as reported by David. 1 BUG: kernel NULL pointer dereference, address:...

kernel: aio: fix use-after-free due to missing POLLFREE handling

In the Linux kernel, the following vulnerability has been resolved: aio: fix use-after-free due to missing POLLFREE handling signalfdpoll and binderpoll are special in that they use a waitqueue whose lifetime is the current task, rather than the struct file as is normally the case. This is okay f...