9.9
CVE-2024-32514
- EPSS 0.65%
- Veröffentlicht 17.04.2024 08:15:07
- Zuletzt bearbeitet 28.04.2026 19:24:41
- Quelle audit@patchstack.com
- CVE-Watchlists
- Unerledigt
LoginWordPress WP Poll Maker plugin <= 3.4 - Authenticated Arbitrary File Upload vulnerability
Poll Maker <= 3.4 - Authenticated (Subscriber+) Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in Poll Maker & Voting Plugin Team (InfoTheme) WP Poll Maker.This issue affects WP Poll Maker: from n/a through 3.4.
Mögliche Gegenmaßnahme
ePoll – Best WordPress Voting Plugin for Poll & Contest: Update to version 3.5, or a newer patched version
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Infotheme ≫ Wp Poll Maker SwPlatformwordpress Version < 3.5
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
ePoll – Best WordPress Voting Plugin for Poll & Contest
Version
*-3.4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.65% | 0.462 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| audit@patchstack.com | 9.9 | 3.1 | 6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
https://patchstack.com/database/vulnerability/epoll-wp-voting/wordpress-wp-poll-maker-plugin-3-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/8c2707ae-8dc0-417c-be4b-83db7dda9c76