Lucene search
+L

264 matches found

wpvulndb
wpvulndb
added 2021/07/28 12:0 a.m.19 views

Poll Maker < 3.2.9 - Reflected Cross-Site Scripting

The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the mcount parameter found in the /admin/partials/settings/poll-maker-settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.2.8. PoC...

4.3CVSS2.9AI score0.00938EPSS
Exploits2References1Affected Software1
patchstack
patchstack
added 2021/07/26 12:0 a.m.20 views

WordPress Poll Maker plugin <= 3.2.8 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Xu-Liang Liao in WordPress Poll Maker plugin versions = 3.2.8. Solution Update the WordPress Poll Maker plugin to the latest available version at least 3.2.9...

6.1CVSS2.7AI score0.00938EPSS
Exploits3References3Affected Software1
patchstack
patchstack
added 2021/06/29 12:0 a.m.22 views

WordPress Poll Maker plugin <= 3.2.0 - Authenticated Blind SQL Injection (SQLi) vulnerability

Authenticated Blind SQL Injection SQLi vulnerability discovered by To Quang Duong in WordPress Poll Maker plugin versions = 3.2.0. Solution Update the WordPress Poll Maker plugin to the latest available version at least 3.2.1...

7.2CVSS2.8AI score0.01409EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2021/06/29 12:0 a.m.728 views

Poll Maker < 3.2.1 - Authenticated Blind SQL Injections

The getpollcategories, getpolls and getreports functions in the plugin did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the getresults DB calls, leading to SQL injection issues in the admin dashboard SQLMAP: python sqlmap.py -r r.txt -p orderby...

6.5CVSS0.7AI score0.01409EPSS
Exploits2
Rows per page
Query Builder