CVE-2020-11673

An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wpajaxnopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operatio...

WordPress Responsive Poll Plugin <= 2.3.9 is vulnerable to SQL Injection

Software Responsive Poll Type Plugin Vulnerable versions = 2.3.9 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9022 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 2e687784b00a Credits WordFence Required privilege Administrator Published...

WordPress Responsive Poll Authorization Issues Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Responsive Poll is a responsive poll plugin used in it. An authorization issue vulnerability exists in Wordpress Responsive Poll 1.3.4...

CVE-2020-11673

An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wpajaxnopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operatio...

Design/Logic Flaw

An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wpajaxnopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operatio...

CVE-2020-11673

CVE-2020-11673 affects the WordPress Responsive Poll plugin (versions

CVE-2020-11673

An issue was discovered in the Responsive Poll through 1.3.4 for Wordpress. It allows an unauthenticated user to manipulate polls, e.g., delete, clone, or view a hidden poll. This is due to the usage of the callback wpajaxnopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operatio...

WordPress Responsive Poll plugin <= 1.3.2 - Unauthenticated Manipulation With Polls (delete, clone, or view a hidden poll) vulnerability

Unauthenticated Manipulation With Polls delete, clone, or view a hidden poll vulnerability discovered by pak0s in WordPress Responsive Poll plugin versions = 1.3.2. Solution Update the WordPress Responsive Poll plugin to the latest available version at least 1.3.4...

WordPress plugin Responsive Poll <= 1.7.4 - Cross-Site Scripting (XSS) & CSRF multiple vulnerabilities

WordPress plugin Responsive Poll = 1.7.4 affected by multiple vulnerabilities like Cross-Site Scripting XSS & Cross-Site Request Forgery CSRF. Lack of CSRF checks allows an unauthenticated attacker to modify polls. Also, the plugin fails to escape values put into HTML and thus makes possible for ...