Vulnerabilities > CVE-2022-1600 - Unspecified vulnerability in Yop-Poll YOP Poll

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
yop-poll

Summary

The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.

Vulnerable Configurations

Part Description Count
Application
Yop-Poll
95