CVE-2024-43338
- EPSS 0.04%
- Published 19.11.2024 17:15:09
- Last modified 19.11.2024 21:57:32
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Cross Site Request Forgery.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.1.2.
CVE-2023-51489
- EPSS 0.05%
- Published 16.03.2024 01:15:49
- Last modified 27.02.2025 03:24:36
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11.
CVE-2023-51488
- EPSS 0.07%
- Published 10.02.2024 09:15:08
- Last modified 21.11.2024 08:38:13
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Reflected XSS.This issue affects Crowdsignal Dashboard – Polls, Surveys & more...
CVE-2022-45069
- EPSS 0.25%
- Published 17.11.2022 23:15:24
- Last modified 21.11.2024 07:28:43
Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.
CVE-2022-2386
- EPSS 0.2%
- Published 08.08.2022 14:15:09
- Last modified 21.11.2024 07:00:53
The Crowdsignal Dashboard WordPress plugin before 3.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting