Poll Maker
Approved changes feed: RSS · Atom
cpe:2.3:a:ays_pro:poll_maker:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Ays Pro (baec0466-3d3a-5cae-863d-5da547e565f4) |
|---|---|
| Product | Poll Maker (bfb247e6-ab63-55b2-a7db-de0ee80ce032) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-57954 |
vulnerable | 2026-06-03 15:05:00.357467 |
WordPress Poll Maker Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability
MEDIUM (6.5)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Poll Maker poll-maker allows DOM-Based XSS.This issue affects Poll Maker: from n/a through <= 6.0.2.
Published: 2025-09-22T18:24:49.114Z
Updated: 2026-04-28T16:13:39.292Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-47545 |
vulnerable | 2026-06-03 15:01:32.958189 |
WordPress Poll Maker plugin <= 5.7.7 - Race Condition Vulnerability
MEDIUM (5.3)
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker poll-maker allows Leveraging Race Conditions.This issue affects Poll Maker: from n/a through <= 5.7.7.
Published: 2025-05-07T14:20:17.169Z
Updated: 2026-04-28T16:12:44.969Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26971 |
vulnerable | 2026-06-03 15:00:08.844359 |
WordPress Poll Maker <= 5.6.5 - SQL Injection vulnerability
HIGH (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Poll Maker poll-maker allows Blind SQL Injection.This issue affects Poll Maker: from n/a through <= 5.6.5.
Published: 2025-02-25T14:17:57.986Z
Updated: 2026-04-28T16:11:45.775Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-24577 |
vulnerable | 2026-06-03 14:59:56.356034 |
WordPress Poll Maker plugin <= 5.5.0 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.0.
Published: 2025-04-17T15:48:20.641Z
Updated: 2026-04-28T16:11:28.816Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-56295 |
vulnerable | 2026-06-03 14:57:42.864481 |
WordPress Poll Maker plugin <= 5.5.6 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.6.
Published: 2025-01-15T15:23:40.427Z
Updated: 2026-04-28T16:10:57.051Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-56277 |
vulnerable | 2026-06-03 14:57:42.824782 |
WordPress Poll Maker Plugin < 5.5.5 - HTML Injection vulnerability
MEDIUM (5.3)
Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through < 5.5.5.
Published: 2025-01-21T13:40:34.084Z
Updated: 2026-04-29T09:51:53.622Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-50904 |
vulnerable | 2026-06-03 14:53:31.703281 |
WordPress Poll Maker plugin <= 4.8.0 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.8.0.
Published: 2024-12-09T11:29:52.044Z
Updated: 2026-04-29T09:51:52.437Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45766 |
vulnerable | 2026-06-03 14:53:08.536140 |
WordPress Poll Maker plugin <= 4.7.1 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 4.7.1.
Published: 2025-01-02T11:59:55.392Z
Updated: 2026-04-29T09:51:50.527Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-24483 |
vulnerable | 2026-06-03 14:43:57.263684 |
Poll Maker < 3.2.1 - Authenticated Blind SQL Injections
The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
Published: 2021-08-02T10:32:22.000Z
Updated: 2024-08-03T19:35:20.112Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.