14 matches found
EUVD-2025-15234
Malicious code in bioql PyPI...
CVE-2024-8854
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8854 Polls CP <= 1.0.75 - Admin+ Stored XSS via Custom Styles
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851 Polls CP <= 1.0.75 - Admin+ Stored Cross-Site Scripting
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851 Polls CP <= 1.0.75 - Admin+ Stored Cross-Site Scripting
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851
The CVE pertains to the WordPress plugin Polls CP, affected versions prior to 1.0.77. The root cause is insufficient sanitisation and escaping of poll settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (notably in multi-s...
WordPress plugin Polls CP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-21537 · WordPress · Cp-Polls
Name of the Vulnerable Software and Affected Versions: Polls CP WordPress plugin versions prior to 1.0.77 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and escape...
PT-2025-21536 · WordPress · Cp-Polls
Name of the Vulnerable Software and Affected Versions: Polls CP WordPress plugin versions prior to 1.0.77 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed, for...
WordPress plugin Polls CP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CP Polls < 1.0.72 - Unauthenticated Poll Limit Bypass
Description The Polls CP plugin for WordPress is vulnerable to Poll Limit Bypass in all versions up to, and including, 1.0.71. This is due to insufficient controls on on the voting system. This makes it possible for unauthenticated attackers to vote multiple times...
CP Polls <= 1.0.8 - Multiple XSS Vulnerabilities
The Polls CP WordPress plugin was affected by a Multiple XSS Vulnerabilities security vulnerability...