CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

115 matches found

RedhatCVE•added 2026/01/09 10:45 a.m.•10 views

CVE-2022-0205

The YOP Poll WordPress plugin before 6.3.5 does not sanitise and escape some of the settings available to users with a role as low as author before outputting them, leading to a Stored Cross-Site Scripting issue...

5.4CVSS5.8AI score0.00197EPSS

Exploits2References1

RedhatCVE•added 2025/11/14 10:11 a.m.•3 views

CVE-2025-64370

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through = 6.5.38...

5.3CVSS7AI score0.00038EPSS

Exploits0References1

EUVD•added 2025/11/13 12:31 p.m.•1 views

EUVD-2025-163770

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through = 6.5.38...

5.3CVSS6.4AI score0.00038EPSS

Exploits0References2

NVD•added 2025/11/13 10:15 a.m.•1 views

CVE-2025-64370

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through = 6.5.38...

5.3CVSS0.00038EPSS

Exploits0References1

CVE•added 2025/11/13 9:24 a.m.•3 views

CVE-2025-64370

CVE-2025-64370 affects WordPress YOP Poll plugin versions up to 6.5.38 and is described as a Missing Authorization / Broken Access Control vulnerability caused by incorrectly configured access control security levels. The CVSS v3.1 base score is 5.3 (Medium) with an Att&ck-style vector of Network...

5.3CVSS6.6AI score0.00038EPSS

Exploits0References1

Vulnrichment•added 2025/11/13 9:24 a.m.•1 views

CVE-2025-64370 WordPress YOP Poll plugin <= 6.5.38 - Broken Access Control vulnerability

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through = 6.5.38...

5.3CVSS6.6AI score0.00038EPSS

Exploits0References1

Cvelist•added 2025/11/13 9:24 a.m.•5 views

CVE-2025-64370 WordPress YOP Poll plugin <= 6.5.38 - Broken Access Control vulnerability

Missing Authorization vulnerability in YOP YOP Poll yop-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects YOP Poll: from n/a through = 6.5.38...

5.3CVSS0.00038EPSS

Exploits0References1

CNNVD•added 2025/11/13 12:0 a.m.•1 views

WordPress plugin YOP Poll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.4AI score0.00038EPSS

Exploits0References1

Positive Technologies•added 2025/11/13 12:0 a.m.•2 views

PT-2025-46811

Name of the Vulnerable Software and Affected Versions YOP Poll versions through 6.5.38 Description An authorization issue exists in YOP Poll, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update YOP Poll to a version later than 6.5.38...

5.3CVSS6.6AI score0.00038EPSS

Exploits0References3

RedhatCVE•added 2025/11/07 5:32 p.m.•1 views

CVE-2025-62040

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

7.1CVSS6.4AI score0.00031EPSS

Exploits0References1

EUVD•added 2025/11/06 6:32 p.m.•1 views

EUVD-2025-38081

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

7.1CVSS5.9AI score0.00031EPSS

Exploits0References2

NVD•added 2025/11/06 4:16 p.m.•5 views

CVE-2025-62040

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

7.1CVSS0.00031EPSS

Exploits0References1

CVE•added 2025/11/06 3:55 p.m.•4 views

CVE-2025-62040

CVE-2025-62040 is a Cross-Site Scripting (XSS) vulnerability in WordPress YOP Poll plugin (yop-poll) affecting versions up to and including 6.5.37. Public sources (NVD/Red Hat/ENISA/Wordfence/Patchstack) confirm improper input neutralization during web page generation as the root cause and identi...

7.1CVSS6AI score0.00031EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:55 p.m.•1 views

CVE-2025-62040 WordPress YOP Poll plugin <= 6.5.37 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

7.1CVSS6AI score0.00031EPSS

Exploits0References1

Cvelist•added 2025/11/06 3:55 p.m.•3 views

CVE-2025-62040 WordPress YOP Poll plugin <= 6.5.37 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

7.1CVSS0.00031EPSS

Exploits0References1

Positive Technologies•added 2025/11/06 12:0 a.m.•1 views

PT-2025-45307

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through = 6.5.37...

7.1CVSS6.4AI score0.00031EPSS

Exploits0References2

CNNVD•added 2025/11/06 12:0 a.m.•1 views

WordPress plugin YOP Poll 安全漏洞

7.1CVSS6AI score0.00031EPSS

Exploits0References1