PT-2025-2167 · WordPress · Wp-Polls

Name of the Vulnerable Software and Affected Versions: WP-Polls plugin for WordPress versions up to, and including, 2.77.2 Description: The issue arises from insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query, making it possible for...

WordPress WP-Polls plugin <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting vulnerability

Unauthenticated SQL Injection to Stored Cross-Site Scripting vulnerability discovered by Jack Taylor in WordPress Plugin WP-Polls versions = 2.77.2...