Codepeople ≫ Polls Cp

The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall...

The Polls CP WordPress plugin before 1.0.77 does not sanitise and escape some of its poll settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall...

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in CodePeople CP Polls allows Code Injection.This issue affects CP Polls: from n/a through 1.0.71.

: Improper Control of Interaction Frequency vulnerability in CodePeople CP Polls allows Flooding.This issue affects CP Polls: from n/a through 1.0.71.

A vulnerability has been found in codepeople cp-polls Plugin 1.0.1 on WordPress and classified as critical. This vulnerability affects unknown code of the file cp-admin-int-message-list.inc.php. The manipulation of the argument lu leads to sql inject...

The cp-polls plugin before 1.0.1 for WordPress has XSS in the votes list.

The cp-polls plugin before 1.0.5 for WordPress has XSS.