429 matches found
CVE-2008-7046
AJ Square Free Polling Script AJPoll allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third part...
WordPress Polls CP plugin <= 1.0.75 - Admin+ Stored Cross-Site Scripting vulnerability
Admin+ Stored Cross-Site Scripting vulnerability discovered by Chinmay Vishwas Divekar in WordPress Plugin CP Polls versions = 1.0.75...
CVE-2024-8854
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8854
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8854 Polls CP <= 1.0.75 - Admin+ Stored XSS via Custom Styles
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851 Polls CP <= 1.0.75 - Admin+ Stored Cross-Site Scripting
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851 Polls CP <= 1.0.75 - Admin+ Stored Cross-Site Scripting
The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multi site setup...
CVE-2024-8851
The CVE pertains to the WordPress plugin Polls CP, affected versions prior to 1.0.77. The root cause is insufficient sanitisation and escaping of poll settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (notably in multi-s...
PT-2025-21537 · WordPress · Cp-Polls
Name of the Vulnerable Software and Affected Versions: Polls CP WordPress plugin versions prior to 1.0.77 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible because the plugin does not properly sanitise and escape...
WordPress plugin Polls CP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-21536 · WordPress · Cp-Polls
Name of the Vulnerable Software and Affected Versions: Polls CP WordPress plugin versions prior to 1.0.77 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is disallowed, for...
WordPress plugin Polls CP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
CVE-2025-46466
Cross-Site Request Forgery CSRF vulnerability in felixtz Modern Polls modern-polls allows Stored XSS.This issue affects Modern Polls: from n/a through = 1.0.10...
WordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Modern Polls versions = 1.0.10...
CVE-2025-46466
Cross-Site Request Forgery CSRF vulnerability in felixtz Modern Polls modern-polls allows Stored XSS.This issue affects Modern Polls: from n/a through = 1.0.10...
CVE-2025-46466
CVE-2025-46466 – Modern Polls (WordPress) CSRF to Stored XSS . A CSRF flaw in felixtz Modern Polls ≤1.0.10 can lead to stored XSS as described in the CVE entry. The linked sources confirm affected software (Modern Polls) and the vulnerability class (CSRF enabling Stored XSS) with a high-severity ...
CVE-2025-46466 WordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in felixtz Modern Polls modern-polls allows Stored XSS.This issue affects Modern Polls: from n/a through = 1.0.10...
CVE-2025-46466 WordPress Modern Polls plugin <= 1.0.10 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in felixtz Modern Polls allows Stored XSS. This issue affects Modern Polls: from n/a through 1.0.10...