Ays-pro Poll_maker
20 CVEs affecting Ays-pro Poll_maker. Latest disclosed: 2025-05-07. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-26971 | High | 7.6 | 2025-02-25 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Poll Maker poll-maker allows Blind SQL Injection… |
CVE-2021-24651 | High | 7.5 | 2021-10-11 | The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated users to perform SQL injection via the ays_finish_poll AJAX action. While the result is not… |
CVE-2024-3600 | High | 7.2 | 2024-04-19 | The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the ays_poll… |
CVE-2021-24483 | High | 7.2 | 2021-08-02 | The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderb… |
CVE-2023-41871 | High | 7.1 | 2023-09-25 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Poll Maker Team Poll Maker plugin <= 4.7.0 versions. |
CVE-2025-24577 | Medium | 6.5 | 2025-04-17 | Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… |
CVE-2024-56295 | Medium | 6.5 | 2025-01-15 | Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… |
CVE-2021-34635 | Medium | 6.1 | 2021-08-02 | The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the mcount parameter found in the ~/admin/partials/settings/poll-maker-sett… |
CVE-2024-9462 | Medium | 5.5 | 2024-10-26 | The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll settings in all versions… |
CVE-2025-47545 | Medium | 5.3 | 2025-05-07 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Ra… |
CVE-2024-56277 | Medium | 5.3 | 2025-01-21 | Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through < 5.5.5. |
CVE-2023-45766 | Medium | 5.3 | 2025-01-02 | Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… |
CVE-2023-50904 | Medium | 5.3 | 2024-12-09 | Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… |
CVE-2024-3601 | Medium | 5.3 | 2024-05-02 | The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ays_poll… |
CVE-2024-9874 | Medium | 4.9 | 2024-11-09 | The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all v… |
CVE-2024-9475 | Medium | 4.9 | 2024-10-26 | The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the order_by parameter in all versi… |
CVE-2024-13602 | Medium | 4.8 | 2025-03-16 | The Poll Maker WordPress plugin before 5.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfor… |
CVE-2022-1456 | Medium | 4.8 | 2022-05-30 | The Poll Maker WordPress plugin before 4.0.2 does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store… |
CVE-2023-34013 | Medium | 4.4 | 2023-11-13 | Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker – Best WordPress Poll… |
CVE-2024-12115 | Medium | 4.3 | 2024-12-07 | The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and includi… |