Vulnerabilities > Sodahead > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-01-01 | CVE-2011-5304 | Cross-site Scripting vulnerability in Sodahead Polls 2.0.3 Multiple cross-site scripting (XSS) vulnerabilities in the Sodahead Polls plugin before 2.0.4 for WordPress allow remote attackers to inject arbitrary web script or HTML via (1) the poll_id parameter to customizer.php or (2) the customize parameter to poll.php. | 4.3 |