Every CVE whose affected-product data names Ays-pro Poll Maker, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2025-26971 — CVSS 7.6 (high): Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ays Pro Poll Maker poll-maker allows…
CVE-2021-24651 — CVSS 7.5 (high): The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated users to perform SQL injection via the ays_finish_poll AJAX action…
CVE-2021-24483 — CVSS 7.2 (high): The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not use whitelist or…
CVE-2024-3600 — CVSS 7.2 (high): The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability…
CVE-2025-24577 — CVSS 6.5 (medium): Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security…
CVE-2024-56295 — CVSS 6.5 (medium): Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security…
CVE-2021-34635 — CVSS 6.1 (medium): The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the mcount parameter found in the…
CVE-2024-9462 — CVSS 5.5 (medium): The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Stored Cross-Site Scripting via poll…
CVE-2023-50904 — CVSS 5.3 (medium): Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security…
CVE-2024-3601 — CVSS 5.3 (medium): The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability…
CVE-2024-56277 — CVSS 5.3 (medium): Improper Encoding or Escaping of Output vulnerability in Ays Pro Poll Maker poll-maker.This issue affects Poll Maker: from n/a through <…
CVE-2025-47545 — CVSS 5.3 (medium): Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Ays Pro Poll Maker poll-maker…
CVE-2023-45766 — CVSS 5.3 (medium): Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security…
CVE-2024-9475 — CVSS 4.9 (medium): The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to generic SQL Injection via the order_by…
CVE-2024-9874 — CVSS 4.9 (medium): The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to time-based SQL Injection via the…
CVE-2022-1456 — CVSS 4.8 (medium): The Poll Maker WordPress plugin before 4.0.2 does not sanitise and escape some settings, which could allow high privilege users such as…
CVE-2024-13602 — CVSS 4.8 (medium): The Poll Maker WordPress plugin before 5.5.4 does not sanitise and escape some of its settings, which could allow high privilege users such…
CVE-2023-34013 — CVSS 4.4 (medium): Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress Poll Plugin.This issue affects Poll Maker…
CVE-2024-12115 — CVSS 4.3 (medium): The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Cross-Site Request Forgery in all…