Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Voting Poll & Voting Contest 4.8.6

  • Severity: medium-risk
  • Status: Fixed
  • Publication: March 3, 2023

The Total Poll Lite plugin for WordPress is not secure in versions up to 4.8.6. Unauthenticated attackers can exploit this vulnerability and make changes to plugin settings if they can get a website administrator to click on a link. The reason for this is that the plugin has incorrect or missing security measures in place.

Detected in:

Poll | Vote | Contest – Best Poll Plugin for WordPress fixed vulnerable versions:
Poll | Voting fixed vulnerable versions:
Poll Plugin for WordPress | TotalPoll: Engage Users with Powerful Voting, Surveys, and Quizzes fixed vulnerable versions:
Total Poll: Powerful WordPress Poll Plugin for Voting, Surveys and Quizzes fixed vulnerable versions:
TotalPoll for Polls and Contests fixed vulnerable versions:
TOTALPOLL: Best WordPress Poll Plugin for Dynamic Voting, Contests, and Questionnaires fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.