Vulnerabilities > AYS PRO > Poll Maker > 5.4.8

DATE CVE VULNERABILITY TITLE RISK
2025-05-07 CVE-2025-47545 Race Condition vulnerability in Ays-Pro Poll Maker
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker allows Leveraging Race Conditions.
network
high complexity
ays-pro CWE-362
8.1
8.1
2025-04-17 CVE-2025-24577 Missing Authorization vulnerability in Ays-Pro Poll Maker
Missing Authorization vulnerability in Ays Pro Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.
network
low complexity
ays-pro CWE-862
critical
 9.8
9.8
2025-02-25 CVE-2025-26971 SQL Injection vulnerability in Ays-Pro Poll Maker
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ays-pro Poll Maker allows Blind SQL Injection.
network
low complexity
ays-pro CWE-89
critical
 9.8
9.8
2025-01-15 CVE-2024-56295 Missing Authorization vulnerability in Ays-Pro Poll Maker
Missing Authorization vulnerability in Poll Maker Team Poll Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through 5.5.6.
network
low complexity
ays-pro CWE-862
6.5
6.5
2024-12-07 CVE-2024-12115 Cross-Site Request Forgery (CSRF) vulnerability in Ays-Pro Poll Maker
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.5.4.
network
low complexity
ays-pro CWE-352
4.3
4.3