4 matches found
CVE-2024-3600
The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the ayspollmakerquickstart AJAX action in addition to insufficient escaping and sanitization in all versions up to, and including, 5.1.8. This makes i...
CVE-2024-3600
The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the ayspollmakerquickstart AJAX action in addition to insufficient escaping and sanitization in all versions up to, and including, 5.1.8. This makes i...
CVE-2024-3600
CVE-2024-3600 affects the Poll Maker – Best WordPress Poll Plugin for WordPress. According to Red Hat and corroborated by Wordfence sources, it enables Stored Cross-Site Scripting due to a missing capability check on the ays_poll_maker_quick_start AJAX action and insufficient escaping/sanitizatio...
WordPress Poll Maker Plugin <= 5.1.8 is vulnerable to Cross Site Scripting (XSS)
Software Poll Maker Type Plugin Vulnerable versions = 5.1.8 Fixed in 5.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3600 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bd489978d30b Credits Krzysztof Zając Require...