WordPress TS Poll < 2.4.0 - SQL Injection

WordPress TS Poll plugin 2.4.0 contains a SQL injection caused by lack of sanitization and escaping of a parameter before using it in a SQL statement, letting attackers perform SQL injection attacks, exploit requires admin privileges. id: CVE-2024-8625 info: name: WordPress TS Poll 2.4.0 - SQL...

CVE-2026-25428

Server-Side Request Forgery SSRF vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through = 2.5.5...

CVE-2026-25428

Server-Side Request Forgery SSRF vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through = 2.5.5...

CVE-2026-25428

The provided connected sources document a concrete vulnerability: WordPress TS Poll plugin (poll-wp) versions up to and including 2.5.5 have a Server-Side Request Forgery (SSRF) flaw. The root cause is not elaborated beyond the SSRF condition, and there is no explicit exploit code or in-the-wild ...

CVE-2026-25428 WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through = 2.5.5...

CVE-2026-25428 WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through = 2.5.5...

WordPress TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin < 2.4.0 - Admin+ SQL Injection vulnerability

WordPress TS Poll - Survey, Versus Poll, Image Poll, Video Poll plugin 2.4.0 - Admin+ SQL Injection vulnerability discovered by Chu Quoc Khanh in WordPress Plugin TS Poll versions 2.4.0...

WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Jakub Herman in WordPress Plugin TS Poll versions = 2.5.5...

EUVD-2025-205247

Missing Authorization vulnerability in totalsoft TS Poll poll-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TS Poll: from n/a through = 2.5.3...

CVE-2025-68588

Missing Authorization vulnerability in totalsoft TS Poll poll-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TS Poll: from n/a through = 2.5.5...

CVE-2025-68588 WordPress TS Poll plugin <= 2.5.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in totalsoft TS Poll poll-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TS Poll: from n/a through = 2.5.5...

WordPress plugin TS Poll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress TS Poll plugin <= 2.5.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin TS Poll versions = 2.5.5...

CVE-2024-8625

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2025-3470 TS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.6 - Authenticated (Administrator+) SQL Injection via 's' Parameter

The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...

CVE-2025-3470

CVE-2025-3470 describes an authenticated SQL Injection in the WordPress plugin TS Poll – Survey, Versus Poll, Image Poll, Video Poll, affecting versions up to and including 2.4.6. The root cause is insufficient escaping of the user-supplied s parameter and inadequate preparation in the existing S...

PT-2025-16282 · WordPress · Ts Poll – Survey

Name of the Vulnerable Software and Affected Versions: TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress versions up to, and including, 2.4.6 Description: The issue concerns SQL Injection via the s parameter due to insufficient escaping on the user-supplied parameter and...

CVE-2024-8625

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-8625

The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks...

CVE-2024-8625

The TS Poll WordPress plugin is affected: versions prior to 2.4.0 do not sanitize/escape a parameter before using it in a SQL statement, enabling an SQL injection through admin-level access. Documented impact correlates to high severity (CVSS 3.1 base: 7.2). Affected component: the plugin’s SQL u...