PT-2020-7346 · WordPress · Wordpress Poll Plugin+1

Published: 2020-02-13 · Updated: 2020-02-19 · CVE-2013-1400

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: WordPress Poll Plugin version 34.5
Description: The issue allows attackers to execute arbitrary SQL commands via the pollid or poll id parameter in a "viewPollResults" or "userlogs" action. This is made possible by multiple SQL injection vulnerabilities in the CWPPoll.js file.
Recommendations: For WordPress Poll Plugin version 34.5, consider disabling the CWPPoll.js file or restricting access to the "viewPollResults" and "userlogs" actions until a patch is available. Avoid using the pollid or poll id parameters in these actions to minimize the risk of exploitation.

Exploit

Fix

SQL injection


Weakness Enumeration

Related Identifiers

CVE-2013-1400

Affected Products

Cwppoll.Js
Wordpress Poll Plugin