CVE-2014-10395

Name of the Vulnerable Software and Affected Versions cp-polls plugin versions prior to 1.0.1 for WordPress

Description The issue concerns a cross-site scripting (XSS) flaw in the votes list of the cp-polls plugin. This type of flaw allows attackers to inject malicious scripts into content from otherwise trusted websites.

Recommendations For versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the votes list feature until the update is applied.