
Ts Poll

1 CVEs product

Monthly

CVE-2024-9022 HIGH POC This Week

SQL injection in the TS Poll WordPress plugin (versions up to and including 2.4.0) allows authenticated attackers with Administrator-level access to append arbitrary SQL queries via the 'orderby' parameter, enabling extraction of sensitive database contents. Publicly available exploit code exists, though the high-privilege requirement (PR:H) limits practical impact, and EPSS sits at 2.11% (84th percentile), indicating modest but non-trivial exploitation interest. No public exploit has been identified as actively used in the wild, and the CVE is not listed in CISA KEV.

SQLi WordPress Ts Poll
NVD GitHub
CVSS 3.1: 7.2
EPSS: 2.1%