What is CVE-2026-8995?

CVE-2026-8995 is a medium-severity vulnerability in Ays-pro Poll Maker By Ays – Versus Polls, Anonymous Image Polls, classified under Information Disclosure. CVSS score: 4.3/10. Published 2026-05-29.

How severe is CVE-2026-8995?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Information disclosure in Ays-pro Poll Maker By Ays – Versus Polls, Anonymous Image Polls

CVE-2026-8995

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 6.3.7. This is due to insufficient access controls on the 'ays_poll_get_user_i…

Vulnerability class: Information Disclosure

EPSS: 0.001 (15.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Ays-pro Poll Maker By Ays – Versus Polls, Anonymous Image Polls — versions 0

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

Frequently asked questions

What is CVE-2026-8995?: CVE-2026-8995 is a medium-severity vulnerability in Ays-pro Poll Maker By Ays – Versus Polls, Anonymous Image Polls, classified under Information Disclosure. CVSS score: 4.3/10. Published 2026-05-29.
How severe is CVE-2026-8995?: Medium severity. CVSS v3 base score is 4.3 out of 10.