Every CVE whose affected-product data names Yop-poll Yop Poll, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-24454 — CVSS 6.1 (medium): In the YOP Poll WordPress plugin before 6.2.8, when a pool is created with the options "Allow other answers", "Display other answers in the…
CVE-2017-2127 — CVSS 5.4 (medium): Cross-site scripting vulnerability in YOP Poll versions prior to 5.8.1 allows remote attackers to inject arbitrary web script or HTML via…
CVE-2021-24833 — CVSS 5.4 (medium): The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability, which exists in the Admin preview…
CVE-2021-24834 — CVSS 5.4 (medium): The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cross-Site Scripting vulnerability which exists in the Create Poll -…
CVE-2022-1600 — CVSS 5.3 (medium): The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes…
CVE-2023-6109 — CVSS 5.3 (medium): The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper…