ThreatPress

WordPress Vulnerabilities Database

Back

WordPress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities

Product
CP Polls
Description
There are some multiple vulnerabilities in this plugin, such as XSS, CSRF and file download issue. Because of these vulnerabilities, an attacker can inject malicious payload into a votation, inject malicious HTML or JavaScript codes or attack an administrator.
Solution
Update the plugin.
Classification
Type Multi
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.8
Fixed In 1.0.9
Disclosure date
2016-03-01
Credits
i0akiN SEC-LABORATORY