GCVE - cpe:2.3:a:automattic:crowdsignal_dashboard:*:*:*:*:*:wordpress:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:automattic:crowdsignal_dashboard:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

Vendor	Automattic (`1dc39c9b-4ddb-5af6-acf4-410b436129a9`)
Product	Crowdsignal Dashboard (`6b564827-6cd1-5eef-912d-d49fb90824c0`)
Edition	*
Language	*
Software edition	*
Target software	wordpress
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-51489`	vulnerable	2026-06-03 14:53:32.311065	WordPress Crowdsignal Polls & Ratings plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerability MEDIUM (5.4) Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11. Published: 2024-03-16T01:01:34.268Z Updated: 2026-04-28T16:09:02.548Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/polldaddy/wordpress-crowdsignal-polls-ratings-plugin-3-0-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-51488`	vulnerable	2026-06-03 14:53:32.310466	WordPress Crowdsignal Dashboard – Polls, Surveys & more Plugin <= 3.0.11 is vulnerable to Cross Site Scripting (XSS) HIGH (7.1) Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls, Surveys & more allows Reflected XSS.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through 3.0.11. Published: 2024-02-10T08:27:19.187Z Updated: 2026-04-28T16:09:02.862Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/polldaddy/wordpress-crowdsignal-polls-ratings-plugin-3-0-11-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-45069`	vulnerable	2026-06-03 14:48:23.674736	WordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability MEDIUM (6.3) Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress. Published: 2022-11-17T22:18:38.893Z Updated: 2026-04-28T16:07:51.904Z Open on db.gcve.eu Reference links https://patchstack.com/database/vulnerability/polldaddy/wordpress-crowdsignal-dashboard-plugin-3-0-9-privilege-escalation-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-2386`	vulnerable	2026-06-03 14:47:06.223528	Crowdsignal Polls & Ratings < 3.0.8 - Reflected Cross-Site Scripting The Crowdsignal Dashboard WordPress plugin before 3.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting Published: 2022-08-08T13:48:13.000Z Updated: 2024-08-03T00:39:07.934Z Open on db.gcve.eu Reference links https://wpscan.com/vulnerability/47855d4b-9f6a-4fc7-b231-4337f51c8886	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Crowdsignal Dashboard

PURL mappings

Vulnerability references

Contribute