Pollin

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2024-13712 MEDIUM This Month

The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient escaping on the user supplied parameter. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Pollin
NVD
CVSS 3.1
4.9
EPSS
0.3%
CVE-2024-13711 MEDIUM This Month

The Pollin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient input sanitization and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Pollin
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-13712
EPSS 0% CVSS 4.9
MEDIUM This Month

The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient escaping on the user supplied parameter. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress SQLi Pollin
NVD
CVE-2024-13711
EPSS 1% CVSS 6.1
MEDIUM This Month

The Pollin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient input sanitization and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS Pollin
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy