Vulnerabilities > WP Polls Project

DATE CVE VULNERABILITY TITLE RISK
2022-11-21 CVE-2022-1581 Unspecified vulnerability in Wp-Polls Project Wp-Polls
The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
network
low complexity
wp-polls-project
5.3
2022-11-18 CVE-2022-40130 Race Condition vulnerability in Wp-Polls Project Wp-Polls
Auth.
network
high complexity
wp-polls-project CWE-362
3.1
2019-08-27 CVE-2016-10936 Cross-site Scripting vulnerability in Wp-Polls Project Wp-Polls
The wp-polls plugin before 2.73.1 for WordPress has XSS via the Poll bar option.
4.3
2019-08-27 CVE-2015-9352 SQL Injection vulnerability in Wp-Polls Project Wp-Polls 2.70/2.71
The wp-polls plugin before 2.72 for WordPress has SQL injection.
network
low complexity
wp-polls-project CWE-89
7.5