ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Polldaddy Polls & Ratings Plugin <= 2.0.23 - Reflected XSS

Product
Polldaddy Polls & Ratings
Description
This plugin is prone to a reflected cross site scripting vulnerability in polldaddy-org.php polldaddy-ratings-title-filter parameter.
Solution
Upgrade the plugin.
Classification
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
References
Security Focus
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.23
Fixed In 2.0.24
Disclosure date
2015-05-15
Credits
Props vortfu