Yop-poll Yop_poll
6 CVEs affecting Yop-poll Yop_poll. Latest disclosed: 2023-11-14. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-24454 | Medium | 6.1 | 2021-07-12 | In the YOP Poll WordPress plugin before 6.2.8, when a pool is created with the options "Allow other answers", "Display other answers in the result list" and "S… |
CVE-2021-24834 | Medium | 5.4 | 2021-11-17 | The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll - Options module where a… |
CVE-2021-24833 | Medium | 5.4 | 2021-11-17 | The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview module where a user wi… |
CVE-2017-2127 | Medium | 5.4 | 2017-04-28 | Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
CVE-2023-6109 | Medium | 5.3 | 2023-11-14 | The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the a… |
CVE-2022-1600 | Medium | 5.3 | 2022-08-01 | The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypa… |