8 matches found
WordPress Poll 2.3.6 SQL Injection
Exploit Title: WordPress Poll Plugin SQL Injection Date: 2024-07-06 Exploit Author: tmrswrr Category : Webapps Vendor Homepage: https://total-soft.com/wp-poll/ Version 2.3.6 1. Access the Admin Panel: - Navigate to the admin panel of your WordPress site. - Go to TS Poll Create Pool Use Theme and...
The vulnerability of the “Create poll” module in the YOP Poll plugin of the WordPress content management system allows a hacker to perform cross-site scripting attacks.
The vulnerability of the “Create poll” module in the YOP Poll plugin of the WordPress content management system is related to the lack of protection for website structure when processing parameters such as “Vote Button Label”, “Show Results Link”, and “Display Back to vote Link”. Exploiting this...
CVE-2021-24833
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to...
CVE-2021-24834
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...
Cross site scripting
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is...
CVE-2021-24833 YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Preview Module
The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. This vulnerability is due to...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platform developed by the Wordpress Foundation using the PHP language. The platform supports the hosting of personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress YOP Poll Plugin, which stems from a lack of...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress Plugin YOP Poll, which stems from the...