Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.
References
Configurations
Configuration 1 (hide)
|
History
09 Sep 2022, 02:42
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
| CPE | cpe:2.3:a:wpdevart:poll\,_survey\,_questionnaire_and_voting_system:*:*:*:*:*:wordpress:*:* | |
| References | (CONFIRM) https://patchstack.com/database/vulnerability/polls-widget/wordpress-poll-survey-questionnaire-and-voting-system-plugin-1-7-4-authenticated-cross-site-scripting-xss-vulnerability/_s_id=cve - Third Party Advisory | |
| References | (CONFIRM) https://wordpress.org/plugins/polls-widget/ - Product | |
| First Time |
Wpdevart
Wpdevart poll\, Survey\, Questionnaire And Voting System |
06 Sep 2022, 18:50
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-09-06 18:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-34656
Mitre link : CVE-2022-34656
CVE.ORG link : CVE-2022-34656
JSON object : View
Products Affected
wpdevart
- poll\,_survey\,_questionnaire_and_voting_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')