47 matches found
CVE-2025-26971 WordPress Poll Maker <= 5.6.5 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ays Pro Poll Maker poll-maker allows Blind SQL Injection.This issue affects Poll Maker: from n/a through = 5.6.5...
CVE-2024-56277 WordPress Poll Maker Plugin < 5.5.5 - HTML Injection vulnerability
Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through 5.5.5...
CVE-2024-56295 WordPress Poll Maker plugin <= 5.5.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 5.5.6...
CVE-2024-56295
CVE-2024-56295 is a Missing Authorization vulnerability in the WordPress Poll Maker (Poll Maker) plugin, relating to incorrectly configured access control. Affected range: Poll Maker versions up to 5.5.6 (no details on exploitation). The connected sources indicate a fix in version 5.5.6. Remediat...
CVE-2023-45766 WordPress Poll Maker plugin <= 4.7.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through = 4.7.1...
CVE-2023-36531
Missing Authorization vulnerability in liquidpoll LiquidPoll wp-poll allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LiquidPoll: from n/a through = 3.3.68...
WordPress Poll Maker plugin <= 5.4.6 - Authenticated (Administrator+) Time-Based SQL Injection vulnerability
Authenticated Administrator+ Time-Based SQL Injection vulnerability discovered by tmrswrr in WordPress Plugin Poll Maker versions = 5.4.6...
WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to SQL Injection
Software Poll Maker Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9874 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 26f7f7b011e3 Credits tmrswrr Required privilege Administrator Published 8...
WordPress Poll Maker plugin <= 5.4.6 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Poll Maker versions = 5.4.6...
WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to SQL Injection
Software Poll Maker Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-9475 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID be15c21e4c00 Credits Ivan Kuzymchak Required privilege Administrator Publish...
WordPress Poll Maker Plugin <= 5.4.6 is vulnerable to Cross Site Scripting (XSS)
Software Poll Maker Type Plugin Vulnerable versions = 5.4.6 Fixed in 5.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9462 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 285124c9b4b8 Credits Jonas Benjamin Friedli Requir...
WordPress Poll Maker plugin <= 5.1.8 - Missing Authorization to Unauthenticated Email Enumeration vulnerability
Missing Authorization to Unauthenticated Email Enumeration vulnerability discovered by Krzysztof Zając in WordPress Plugin Poll Maker versions = 5.1.8...
WordPress Poll Maker Plugin <= 5.1.8 is vulnerable to Broken Access Control
Software Poll Maker Type Plugin Vulnerable versions = 5.1.8 Fixed in 5.1.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-3601 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 63b85f561955 Credits Krzysztof Zając Required privilege...
WordPress Poll Maker Plugin <= 5.1.8 is vulnerable to Cross Site Scripting (XSS)
Software Poll Maker Type Plugin Vulnerable versions = 5.1.8 Fixed in 5.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3600 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID bd489978d30b Credits Krzysztof Zając Require...
WordPress WP Poll Maker plugin <= 3.4 - Authenticated Arbitrary File Upload vulnerability
Authenticated Arbitrary File Upload vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin WP Poll Maker versions = 3.4...
WordPress WP Poll Maker Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)
Software WP Poll Maker Type Plugin Vulnerable versions = 3.1 Fixed in 3.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29818 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bde676e2b02e Credits Dhabaleshwar Das Required privilege...
WordPress Poll Maker Plugin <= 4.8.0 is vulnerable to Broken Access Control
Software Poll Maker Type Plugin Vulnerable versions = 4.8.0 Fixed in 4.8.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-50904 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID acddbd8f12ba Credits Abdi Pranata Required...
CVE-2023-34013 WordPress Poll Maker Plugin <= 4.6.2 is vulnerable to Server Side Request Forgery (SSRF)
Server-Side Request Forgery SSRF vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2...
WordPress Poll Maker Plugin <= 4.7.1 is vulnerable to Broken Access Control
Software Poll Maker Type Plugin Vulnerable versions = 4.7.1 Fixed in 4.7.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45766 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 63dcd5a4b5a6 Credits Revan Arifio Required privilege...
WordPress Poll Maker Plugin <= 4.7.0 is vulnerable to Cross Site Scripting (XSS)
Software Poll Maker Type Plugin Vulnerable versions = 4.7.0 Fixed in 4.7.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-41871 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fe5a513df2c9 Credits Le Ngoc Anh Required privilege...