CVE-2024-13426 — CVSS 5.4 (medium): The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to…
CVE-2022-1581 — CVSS 5.3 (medium): The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which…