2116 matches found

NVD
added 2024/11/09 7:15 a.m. · 15 views

CVE-2024-9874

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

7.2 CVSS · 0.00708 EPSS
Exploits 1 · References 4

Cvelist
added 2024/11/09 6:41 a.m. · 15 views

CVE-2024-9874 WordPress Poll Maker Plugin <= 5.4.6 - Authenticated (Administrator+) Time-Based SQL Injection

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

4.9 CVSS · 0.00708 EPSS
Exploits 1 · References 4

CVE
added 2024/11/09 6:41 a.m. · 62 views

CVE-2024-9874

CVE-2024-9874 affects the WordPress plugin Poll Maker – Versus Polls, Anonymous Polls, Image Polls. Connected sources confirm a time-based SQL Injection via the orderby parameter in all versions up to 5.4.6, caused by insufficient escaping and lack of proper preparation of the SQL query. Exploita...

7.2 CVSS · 5.2 AI score · 0.00708 EPSS
Exploits 1 · References 4 · Affected Software 1

Vulnrichment
added 2024/11/09 6:41 a.m. · 16 views

CVE-2024-9874 WordPress Poll Maker Plugin <= 5.4.6 - Authenticated (Administrator+) Time-Based SQL Injection

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

4.9 CVSS · 7.3 AI score · 0.00708 EPSS
Exploits 1 · References 4

CNNVD
added 2024/11/09 12:0 a.m. · 3 views

WordPress plugin Poll Maker SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

7.2 CVSS · 8.5 AI score · 0.00708 EPSS
Exploits 1 · References 4

Patchstack
added 2024/11/08 10:56 p.m. · 3 views

WordPress Poll Maker plugin <= 5.4.6 - Authenticated (Administrator+) Time-Based SQL Injection vulnerability

Authenticated Administrator+ Time-Based SQL Injection vulnerability discovered by tmrswrr in WordPress Plugin Poll Maker versions <= 5.4.6...

7.2 CVSS · 8.1 AI score · 0.00708 EPSS
Exploits 1 · References 1 · Affected Software 1

Positive Technologies
added 2024/11/08 12:0 a.m. · 6 views

PT-2024-39904 · WordPress · The Poll Maker – Versus Polls

Name of the Vulnerable Software and Affected Versions: The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress versions up to, and including, 5.4.6.
Description: The issue is related to time-based SQL Injection via the orderby parameter due to insufficient escaping on the...

7.2 CVSS · 9.5 AI score · 0.00708 EPSS
Exploits 1 · References 10

Patchstack
added 2024/11/08 12:0 a.m. · 16 views

WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to SQL Injection

Software: Poll Maker · Type: Plugin · Vulnerable versions: <= 5.4.6 · Fixed in: 5.4.7 · OWASP Top 10: A1: Injection · Classification: SQL Injection · CVE: CVE-2024-9874 · Patch priority: Low · CVSS severity: Low 7.6 · Developer: Claim ownership · PSID: 26f7f7b011e3 · Credits: tmrswrr · Required privilege: Administrator · Published: 8...

7.2 CVSS · 6.8 AI score · 0.00708 EPSS
Exploits 1 · References 3 · Affected Software 1

OSV
added 2024/11/07 10:15 a.m. · 1 view

DEBIAN-CVE-2024-50145

In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Add SKB allocation failures handling in __octep_oq_process_rx. build_skb returns NULL in case of a memory allocation failure so handle it inside __octep_oq_process_rx to avoid NULL pointer dereference. __octep_oq_process_rx is called...

5.5 CVSS · 5.5 AI score · 0.00226 EPSS
Exploits 0 · References 1

NVD
added 2024/10/26 3:15 a.m. · 22 views

CVE-2024-9462

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll settings in all versions up to, and including, 5.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

5.5 CVSS · 0.0032 EPSS
Exploits 0 · References 4

NVD
added 2024/10/26 3:15 a.m. · 13 views

CVE-2024-9475

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the orderby parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the...

7.2 CVSS · 0.00476 EPSS
Exploits 0 · References 2

OSV
added 2024/10/26 3:15 a.m. · 3 views

CVE-2024-9462

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll settings in all versions up to, and including, 5.4.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

4.8 CVSS · 5.9 AI score · 0.0032 EPSS
Exploits 0 · References 4

OSV
added 2024/10/26 3:15 a.m. · 4 views

CVE-2024-9475

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the orderby parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the...

7.2 CVSS · 5.8 AI score · 0.00476 EPSS
Exploits 0 · References 2

CVE
added 2024/10/26 1:58 a.m. · 49 views

CVE-2024-9462

CVE-2024-9462: The WordPress plugin Poll Maker – Versus Polls, Anonymous Polls, Image Polls is vulnerable to a Stored Cross-Site Scripting (XSS) via poll settings in all versions up to and including 5.4.6. The vulnerability arises from insufficient input sanitization and output escaping, enablin...

5.5 CVSS · 5.3 AI score · 0.0032 EPSS
Exploits 0 · References 4 · Affected Software 1

CVE
added 2024/10/26 1:58 a.m. · 41 views

CVE-2024-9475

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls WordPress plugin is affected by a SQL Injection in versions up to 5.4.6 via the order_by parameter due to insufficient escaping and query preparation, enabling authenticated administrators to append SQL to existing queries. The issue’s r...

7.2 CVSS · 5.7 AI score · 0.00476 EPSS
Exploits 0 · References 2 · Affected Software 1

Vulnrichment
added 2024/10/26 1:58 a.m. · 10 views

CVE-2024-9475 Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by Parameter

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the orderby parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the...

4.9 CVSS · 7.3 AI score · 0.00476 EPSS
Exploits 0 · References 2

Cvelist
added 2024/10/26 1:58 a.m. · 19 views

CVE-2024-9475 Poll Maker – Versus Polls, Anonymous Polls, Image Polls <= 5.4.6 - Authenticated (Administrator+) SQL Injection via Order_by Parameter

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the orderby parameter in all versions up to, and including, 5.4.6 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the...

4.9 CVSS · 0.00476 EPSS
Exploits 0 · References 2

Positive Technologies
added 2024/10/26 12:0 a.m. · 3 views

PT-2024-39653 · WordPress · The Poll Maker – Versus Polls

Name of the Vulnerable Software and Affected Versions: The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress versions up to, and including, 5.4.6.
Description: The issue is related to generic SQL Injection via the order by parameter due to insufficient escaping on the...

7.2 CVSS · 7.4 AI score · 0.00476 EPSS
Exploits 0 · References 6

CNNVD
added 2024/10/26 12:0 a.m. · 2 views

WordPress plugin Poll Maker SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...

7.2 CVSS · 7.7 AI score · 0.00476 EPSS
Exploits 0 · References 2

Positive Technologies
added 2024/10/26 12:0 a.m. · 4 views

PT-2024-39650 · WordPress · The Poll Maker – Versus Polls

Name of the Vulnerable Software and Affected Versions: The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress versions up to, and including, 5.4.6.
Description: The issue is related to Stored Cross-Site Scripting via poll settings due to insufficient input sanitization an...

5.5 CVSS · 5.9 AI score · 0.0032 EPSS
Exploits 0 · References 8