3 matches found
WordPress Cardoza Poll plugin <= 36 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability found by zerodetail & ratherbland in WordPress Cardoza Poll plugin versions = 36. Solution 2020-12-30 - we were unable to find a patched version of this plugin. WordPress.org notification - "This plugin has been closed as of June 23, 2020 and is not...
WordPress Cardoza Poll Plugin <= 33.5 - SQL Injection
Because of this vulnerability, remote authenticated users can execute arbitrary SQL commands. Solution Update the plugin...
WordPress Cardoza Poll Plugin <= 34.05 - Cross Site Request Forgery
This plugin is prone to a multiple external function remote poll manipulation. Solution Update the plugin...