CVE-2022-1581 WP-Polls < 2.76.0 - IP Validation Bypass

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

PT-2022-13980 · WordPress · Wp-Polls

Name of the Vulnerable Software and Affected Versions: WP-Polls versions prior to 2.76.0 Description: The issue allows bypassing IP-based limitations to vote in certain situations due to the plugin prioritizing getting a visitor's IP from certain HTTP headers over PHP's REMOTE ADDR...