Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

47 matches found

Packet Storm
Packet Stormadded 2026/02/02 12:0 a.m.111 views

📄 WP-Polls 2.73 Cross Site Scripting

A cross site scripting vulnerability exists in WP-Polls WordPress Plugin version 2.73. This issue is older research added to the archive. WP-Polls 2.73 - Reflected Cross-site Scripting Advisory ID: RO-16-005 CVE ID: CVE-2016-10936 Severity: Medium Vendor: WordPress Product: WP-Polls Version: 2.73...

6.1CVSS4.9AI score0.0019EPSS
Exploits1
RedhatCVE
RedhatCVEadded 2026/01/09 11:10 a.m.6 views

CVE-2016-10936

The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option...

6.1CVSS6AI score0.0019EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2016-1927

Malware in sbrugna...

6.1CVSS6.3AI score0.0019EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2015-9192

Malware in sbrugna...

9.8CVSS9.5AI score0.00513EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-43448

Malicious code in bioql PyPI...

4.3CVSS4.4AI score0.00203EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-24872

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00295EPSS
Exploits1References3
NVD
NVDadded 2025/01/22 3:15 a.m.9 views

CVE-2024-13426

The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers t...

5.4CVSS0.00681EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2025/01/22 2:20 a.m.12 views

CVE-2024-13426 WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting

The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers t...

5.4CVSS7.4AI score0.00681EPSS
Exploits0References9
Cvelist
Cvelistadded 2025/01/22 2:20 a.m.16 views

CVE-2024-13426 WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting

The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers t...

5.4CVSS0.00681EPSS
Exploits0References9
CVE
CVEadded 2025/01/22 2:20 a.m.58 views

CVE-2024-13426

CVE-2024-13426 concerns the WordPress WP-Polls plugin up to version 2.77.2. The issue is an unauthenticated SQL Injection via COOKIE caused by insufficient escaping and inadequate query preparation, allowing an attacker to append additional SQL; the description notes a payload could also inject m...

5.4CVSS5.9AI score0.00681EPSS
Exploits0References9Affected Software1
CNNVD
CNNVDadded 2025/01/22 12:0 a.m.2 views

WordPress plugin WP-Polls SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

5.4CVSS9.1AI score0.00681EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2025/01/22 12:0 a.m.3 views

PT-2025-2167 · WordPress · Wp-Polls

Name of the Vulnerable Software and Affected Versions: WP-Polls plugin for WordPress versions up to, and including, 2.77.2 Description: The issue arises from insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query, making it possible for...

5.4CVSS7.6AI score0.00681EPSS
Exploits0References15
Tenable Nessus
Tenable Nessusadded 2022/12/27 12:0 a.m.39 views

WP-Polls Plugin for WordPress < 2.77.0 Stored Cross-Site Scripting

The WordPress WP-Pools Plugin installed on the remote host is affected by a Race Condition. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number. No source data...

4.3CVSS7.4AI score0.00203EPSS
Exploits0References2
CNVD
CNVDadded 2022/11/23 12:0 a.m.18 views

WordPress WP-Polls Bypasses IP-Based Restrictions Vulnerability

WP-Polls is a WordPress polling plugin. A vulnerability exists in WordPress WP-Polls versions prior to 2.76.0 to bypass IP-based restrictions. The vulnerability stems from prioritizing the IP of visitors from certain HTTP headers instead of PHP's REMOTEADDR, which can be exploited by an attacker ...

5.3CVSS5.1AI score0.00295EPSS
Exploits1References1
Prion
Prionadded 2022/11/21 11:15 a.m.10 views

Design/Logic Flaw

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

5CVSS5.2AI score0.00295EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2022/11/21 12:0 a.m.57 views

CVE-2022-1581

CVE-2022-1581 affects the WordPress plugin WP-Polls prior to version 2.76.0. The vulnerability arises because the plugin prioritizes the visitor’s IP taken from certain HTTP headers over PHP’s REMOTE_ADDR, enabling bypass of IP-based voting restrictions in certain scenarios. According to connecte...

5.3CVSS5.1AI score0.00295EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2022/11/21 12:0 a.m.5 views

CVE-2022-1581 WP-Polls < 2.76.0 - IP Validation Bypass

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

6.9AI score0.00295EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/11/21 12:0 a.m.12 views

CVE-2022-1581 WP-Polls < 2.76.0 - IP Validation Bypass

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTEADDR, which makes it possible to bypass IP-based limitations to vote in certain situations...

5.5AI score0.00295EPSS
Exploits1References2
NVD
NVDadded 2022/11/18 11:15 p.m.8 views

CVE-2022-40130

Auth. subscriber+ Race Condition vulnerability in WP-Polls plugin = 2.76.0 on WordPress...

4.3CVSS0.00203EPSS
Exploits0References2
Prion
Prionadded 2022/11/18 11:15 p.m.10 views

Race condition

Auth. subscriber+ Race Condition vulnerability in WP-Polls plugin = 2.76.0 on WordPress...

2.1CVSS4.2AI score0.00203EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder