Cardozatechnologies: Security Vulnerabilities
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS.This issue affects 3D Tag Cloud: from n/a through 3.8.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-01-17
Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.
CVSS Score
9.8
EPSS Score
0.023
Published
2020-02-13
Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.
CVSS Score
9.8
EPSS Score
0.046
Published
2020-02-13