Vulnerabilities > AYS PRO > Poll Maker > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-13 | CVE-2023-34013 | Unspecified vulnerability in Ays-Pro Poll Maker Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll Plugin: from n/a through 4.6.2. | 7.5 |
| 2021-10-11 | CVE-2021-24651 | Unspecified vulnerability in Ays-Pro Poll Maker The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated users to perform SQL injection via the ays_finish_poll AJAX action. | 7.5 |
| 2021-08-02 | CVE-2021-24483 | Unspecified vulnerability in Ays-Pro Poll Maker The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard | 7.2 |