9.8CVSS
9.9AI Score
0.001EPSS
6.1CVSS
6AI Score
0.001EPSS
The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
5.3CVSS
5.1AI Score
0.001EPSS
Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress.
4.3CVSS
4.1AI Score
0.001EPSS