Lucene search
WordfenceWPEX-ID:9E56EC9A-A031-4EED-B3EB-F5C6F9AF5214HistoryJul 28, 2021 - 12:00 a.m.
Poll Maker < 3.2.9 - Reflected Cross-Site Scripting
2021-07-2800:00:00
Wordfence
121
poll maker
cross-site scripting
reflected
exploit
EPSS
0.001
Percentile
32.7%
The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the mcount parameter found in the ~/admin/partials/settings/poll-maker-settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.2.8.
https://example.com/wp-admin/admin.php?page=poll-maker-ays-settings&del_stat=1&mcount=<script>alert(/test/)</script>
Related
nvd
nvd
CVE-2021-34635
2021-08-02 21:15:08
wpvulndb
wpvulndb
Poll Maker < 3.2.9 - Reflected Cross-Site Scripting
2021-07-28 00:00:00
cvelist
cvelist
CVE-2021-34635 Poll Maker <= 3.2.8 - Reflected Cross-Site Scripting
2021-08-02 20:39:20
prion
prion
Cross site scripting
2021-08-02 21:15:00
patchstack
patchstack
cve
cve
CVE-2021-34635
2021-08-02 21:15:08