15 matches found
EUVD-2024-29136
Malicious code in bioql PyPI...
EUVD-2024-26812
Malicious code in bioql PyPI...
EUVD-2024-30316
Malicious code in bioql PyPI...
CVE-2024-29818
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Poll Maker & Voting Plugin Team InfoTheme WP Poll Maker allows Stored XSS.This issue affects WP Poll Maker: from n/a through 3.1...
CVE-2024-31240
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1...
Poll Maker <= 3.4 - Authenticated (Subscriber+) Arbitrary File Upload
Description The WP Poll Maker – Best WordPress Poll Plugin for Voting Contest plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 3.4. This makes it possible for authenticated attackers, with subscriber-level acces...
CVE-2024-32514
CVE-2024-32514 is an Unrestricted Upload of File with Dangerous Type vulnerability in the WP Poll Maker plugin (Poll Maker – Best WordPress Poll Plugin for Voting Contest). The issue affects WP Poll Maker versions up to and including 3.4, with exploitation requiring at least Subscriber+ level acc...
PT-2024-24632 · WordPress · Wp Poll Maker
Name of the Vulnerable Software and Affected Versions: WP Poll Maker versions 3.4 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the WP Poll Maker plugin. This could potentially allow for malicious file uploads. Recommendations:...
CVE-2024-31240
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in InfoTheme WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.1...
CVE-2024-31240
CVE-2024-31240 is an improper pathname restriction (Path Traversal) vulnerability in the WordPress plugin WP Poll Maker , affecting versions up to 3.1. The flaw, titled “Improper Limitation of a Pathname to a Restricted Directory,” could allow an authenticated user with Subscriber+ privileges to ...
WP Poll Maker < 3.4 - Authenticated (Subscriber+) Arbitrary File Deletion
Description The WP Poll Maker – Best WordPress Poll Plugin for Voting Contest plugin for WordPress is vulnerable to arbitrary file deletion due to a missing capability check on the itepollthemeactionuninstall function and insufficient file path validation in all versions up to, and including, 3.1...
PT-2024-23882 · WordPress · Wp Poll Maker
Name of the Vulnerable Software and Affected Versions: WP Poll Maker versions prior to 3.1 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This allows for potential unauthorized access to files...
WP Poll Maker < 3.4 - Authenticated (Administrator+) Stored Cross-Site Scripting via settings
Description The WP Poll Maker – Best WordPress Poll Plugin for Voting Contest plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-29818
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Poll Maker & Voting Plugin Team InfoTheme WP Poll Maker allows Stored XSS.This issue affects WP Poll Maker: from n/a through 3.1...
PT-2024-23064 · WordPress · Wp Poll Maker
Name of the Vulnerable Software and Affected Versions: WP Poll Maker versions 3.1 and earlier Description: The issue is related to improper neutralization of input during web page generation, also known as 'Cross-site Scripting'. This allows for Stored XSS attacks. Recommendations: For WP Poll...