Lucene search
K

429 matches found

CVE
CVE
added 2025/06/20 3:3 p.m.20 views

CVE-2025-50025

CVE-2025-50025 is a stored Cross-Site Scripting vulnerability in the WordPress plugin CP Polls (codepeople CP Polls). Connected sources confirm the issue affects CP Polls versions 1.0.0 through 1.0.81 and stems from improper input neutralization during web page generation. Remediation advised in ...

5.9CVSS5.9AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:3 p.m.2 views

CVE-2025-50025 WordPress CP Polls plugin <= 1.0.81 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Polls allows Stored XSS. This issue affects CP Polls: from n/a through 1.0.81...

5.9CVSS6.9AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:3 p.m.10 views

CVE-2025-50025 WordPress CP Polls plugin <= 1.0.81 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in codepeople CP Polls cp-polls allows Stored XSS.This issue affects CP Polls: from n/a through = 1.0.81...

5.9CVSS0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.3 views

PT-2025-26382 · Codepeople · Cp-Polls

Name of the Vulnerable Software and Affected Versions: codepeople CP Polls versions 1.0.0 through 1.0.81 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

5.9CVSS5.8AI score0.00218EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.4 views

WordPress plugin CP Polls 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress CP Polls plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, whi...

5.9CVSS6AI score0.00218EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/06/19 4:27 p.m.7 views

WordPress CP Polls plugin <= 1.0.81 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin CP Polls versions = 1.0.81...

5.9CVSS5.8AI score0.00218EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 8:48 a.m.7 views

CVE-2024-24874

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in CodePeople CP Polls allows Code Injection.This issue affects CP Polls: from n/a through 1.0.71...

5.3CVSS6.5AI score0.00413EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:48 a.m.6 views

CVE-2024-24873

: Improper Control of Interaction Frequency vulnerability in CodePeople CP Polls allows Flooding.This issue affects CP Polls: from n/a through 1.0.71...

5.3CVSS7AI score0.0042EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:44 a.m.4 views

CVE-2023-43814

Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the /polls/groupedpollresults endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where t...

3.7CVSS6.6AI score0.00314EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:31 p.m.5 views

CVE-2022-1581

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

5.3CVSS6.6AI score0.0063EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:36 p.m.6 views

CVE-2021-43793

Discourse is an open source discussion platform. In affected versions a vulnerability in the Polls feature allowed users to vote multiple times in a single-option poll. The problem is patched in the latest tests-passed, beta and stable versions of Discourse...

4.3CVSS6.6AI score0.00756EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.6 views

CVE-2020-11673

An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wpajaxnopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operatio...

9.8CVSS9.1AI score0.03525EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:47 p.m.9 views

CVE-2020-23754

Cross Site Scripting XSS vulnerability in infusions/memberpollpanel/polladmin.php in PHP-Fusion 9.03.50, allows attackers to execute arbitrary code, via the polls feature...

9.6CVSS6.3AI score0.0155EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:5 a.m.6 views

CVE-2014-125091

A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql injection. The attack can be initiated remotely...

9.8CVSS8.3AI score0.00788EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:57 a.m.8 views

CVE-2015-9346

The cp-polls plugin before 1.0.5 for WordPress has XSS...

6.1CVSS6.9AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:50 a.m.8 views

CVE-2014-10395

The cp-polls plugin before 1.0.1 for WordPress has XSS in the votes list...

6.1CVSS6.2AI score0.00913EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:41 a.m.6 views

CVE-2015-9352

The wp-polls plugin before 2.72 for WordPress has SQL injection...

9.8CVSS7.5AI score0.01795EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:55 a.m.8 views

CVE-2011-5304

Multiple cross-site scripting XSS vulnerabilities in the Sodahead Polls plugin before 2.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via 1 the pollid parameter to customizer.php or 2 the customize parameter to poll.php...

4.3CVSS6.1AI score0.02044EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:38 a.m.9 views

CVE-2010-5004

SQL injection vulnerability in searchvote.php in 2daybiz Polls aka Advanced Poll Script allows remote attackers to execute arbitrary SQL commands via the category parameter...

7.5CVSS8.8AI score0.00929EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:11 a.m.6 views

CVE-2010-1081

Directory traversal vulnerability in the Community Polls comcommunitypolls component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...

5CVSS7.1AI score0.14331EPSS
Exploits1References1
Rows per page
Query Builder