Vulnerabilities > YOP Poll > YOP Poll > 6.1.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-6109 | Race Condition vulnerability in Yop-Poll YOP Poll The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. | 3.7 |
| 2022-08-01 | CVE-2022-1600 | Unspecified vulnerability in Yop-Poll YOP Poll The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations. | 5.3 |
| 2021-11-17 | CVE-2021-24833 | Unspecified vulnerability in Yop-Poll YOP Poll The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. | 5.4 |
| 2021-11-17 | CVE-2021-24834 | Unspecified vulnerability in Yop-Poll YOP Poll The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a user with a role as low as author is allowed to execute arbitrary script code within the context of the application. | 5.4 |
| 2021-07-12 | CVE-2021-24454 | Unspecified vulnerability in Yop-Poll YOP Poll In the YOP Poll WordPress plugin before 6.2.8, when a pool is created with the options "Allow other answers", "Display other answers in the result list" and "Show results", it can lead to Stored Cross-Site Scripting issues as the 'Other' answer is not sanitised before being output in the page. | 6.1 |