Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wordpress poll vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-34656
Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.
Wpdevart Poll\\, Survey\\, Questionnaire And Voting System
7.5
CVSSv2
CVE-2021-24442
The Poll, Survey, Questionnaire and Voting system WordPress plugin prior to 1.5.3 did not sanitise, escape or validate the date_answers[] POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks
Wpdevart Poll\\, Survey\\, Questionnaire And Voting System
4.3
CVSSv2
CVE-2019-9567
The "Forminator Contact Form, Poll & Quiz Builder" plugin prior to 1.6 for WordPress has XSS via a custom input field of a poll.
Incsub Forminator
NA
CVE-2024-3601
The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_poll_create_author function in all versions up to, and including, 5.1.8. This makes it possible for unauthenticated mal...
4.3
CVSSv2
CVE-2016-10936
The wp-polls plugin prior to 2.73.1 for WordPress has XSS via the Poll bar option.
Wp-polls Project Wp-polls
NA
CVE-2024-3600
The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the ays_poll_maker_quick_start AJAX action in addition to insufficient escaping and sanitization in all versions up to, and inc...
4
CVSSv2
CVE-2019-9568
The "Forminator Contact Form, Poll & Quiz Builder" plugin prior to 1.6 for WordPress has SQL Injection via the wp-admin/admin.php?page=forminator-entries entry[] parameter if the attacker has the delete permission.
Incsub Forminator
NA
CVE-2023-4642
The kk Star Ratings WordPress plugin prior to 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition.
Kamalkhan Kk Star Ratings
NA
CVE-2023-2010
The Forminator WordPress plugin prior to 1.24.1 does not use an atomic operation to check whether a user has already voted, and then update that information. This leads to a Race Condition that may allow a single user to vote multiple times on a poll.
Incsub Forminator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3