Ays-pro

Poll Maker

24 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2026-8995

  • EPSS 0.28%
  • Veröffentlicht 29.05.2026 02:27:46
  • Zuletzt bearbeitet 29.05.2026 13:09:05

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 6.3.7. This is due to insufficient access controls on the 'ays_poll_get_user_information'...

4.9

CVE-2025-12620

  • EPSS 0.26%
  • Veröffentlicht 13.11.2025 05:30:39
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the ‘filterbyauthor’ parameter in all versions up to, and including, 6.0.7 due to insufficient escaping on the user supplied p...

6.5

CVE-2025-57954

  • EPSS 0.29%
  • Veröffentlicht 22.09.2025 18:24:49
  • Zuletzt bearbeitet 23.04.2026 15:33:07

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Poll Maker poll-maker allows DOM-Based XSS.This issue affects Poll Maker: from n/a through <= 6.0.2.

5.3

CVE-2024-12575

  • EPSS 0.26%
  • Veröffentlicht 16.08.2025 02:24:33
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Basic Information Exposure in all versions up to, and including, 5.8.9 via the 'ays_finish_poll' AJAX action. This makes it possible for unauthenticated...

8.1

CVE-2025-47545

  • EPSS 0.28%
  • Veröffentlicht 07.05.2025 14:20:17
  • Zuletzt bearbeitet 23.04.2026 15:30:27

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through <= 5.7.7.

9.8

CVE-2025-24577

  • EPSS 0.35%
  • Veröffentlicht 17.04.2025 15:48:20
  • Zuletzt bearbeitet 23.04.2026 15:25:02

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.0.

4.8

CVE-2024-13602

Exploit
  • EPSS 0.25%
  • Veröffentlicht 16.03.2025 06:15:12
  • Zuletzt bearbeitet 09.04.2025 13:06:16

The Poll Maker WordPress plugin before 5.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowe...

9.8

CVE-2025-26971

  • EPSS 0.44%
  • Veröffentlicht 25.02.2025 15:15:30
  • Zuletzt bearbeitet 23.04.2026 15:26:09

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Poll Maker poll-maker allows Blind SQL Injection.This issue affects Poll Maker: from n/a through <= 5.6.5.

5.3

CVE-2024-56277

  • EPSS 0.27%
  • Veröffentlicht 21.01.2025 14:15:09
  • Zuletzt bearbeitet 29.04.2026 10:16:38

Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through < 5.5.5.

6.5

CVE-2024-56295

  • EPSS 0.43%
  • Veröffentlicht 15.01.2025 16:15:28
  • Zuletzt bearbeitet 23.04.2026 15:22:47

Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.6.