WordPress plugin Poll Maker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Poll Maker plugin <= 5.4.6 - Authenticated (Administrator+) SQL Injection vulnerability

Authenticated Administrator+ SQL Injection vulnerability discovered by Ivan Kuzymchak in WordPress Plugin Poll Maker versions = 5.4.6...

WordPress Poll Maker plugin <= 5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Poll Maker versions = 5.4.6...

WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to SQL Injection

Software Poll Maker Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9475 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID be15c21e4c00 Credits Ivan Kuzymchak Required privilege Administrator Publish...

WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Poll Maker Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9462 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 285124c9b4b8 Credits Jonas Benjamin Friedli Requir...

CVE-2022-48985

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi workdone After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, and another CPU can start napi thread and access per-CQ variable, cq-workdone. If the other thread for...

DEBIAN-CVE-2022-48985

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi workdone After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, and another CPU can start napi thread and access per-CQ variable, cq-workdone. If the other thread for...

UBUNTU-CVE-2022-48985

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi workdone After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, and another CPU can start napi thread and access per-CQ variable, cq-workdone. If the other thread for...

CVE-2024-8625

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-8625

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-8625 TS Poll – Survey, Versus Poll, Image Poll, Video Poll < 2.4.0 - Admin+ SQL Injection

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-8625 TS Poll – Survey, Versus Poll, Image Poll, Video Poll < 2.4.0 - Admin+ SQL Injection

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-8625

The TS Poll WordPress plugin is affected: versions prior to 2.4.0 do not sanitize/escape a parameter before using it in a SQL statement, enabling an SQL injection through admin-level access. Documented impact correlates to high severity (CVSS 3.1 base: 7.2). Affected component: the plugin’s SQL u...

WordPress plugin TS Poll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-39140

Name of the Vulnerable Software and Affected Versions: TS Poll WordPress plugin versions prior to 2.4.0 Description: The issue allows admins to perform SQL injection attacks due to the lack of sanitization and escaping of a parameter before using it in a SQL statement. Recommendations: For versio...

kernel: ionic: fix use after netif_napi_del()

A vulnerability was found in the Linux kernel's Ionic driver in the ionicqcqenable function, where the issue arises when the driver fails to reset the .poll pointer to NULL after a queue is unregistered via netifnapidel, leading to a use-after-free scenario when attempting to enable a previously...

nfc: pn533: Add poll mod list filling check

...

CVE-2024-9022

The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2024-9022 TS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.0 - Authenticated (Administrator+) SQL Injection via orderby Parameter

The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

CVE-2024-9022 TS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.0 - Authenticated (Administrator+) SQL Injection via orderby Parameter

The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.4.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...