PT-2022-25232 · WordPress · Wp-Polls
Minhtuanact
+1
·
Published
2022-11-18
·
Updated
2022-11-21
·
CVE-2022-40130
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
WP-Polls plugin versions prior to 2.76.1
Description
A race condition issue exists in the WP-Polls plugin, affecting users with subscriber or higher permissions. This issue can be exploited due to improper synchronization, potentially leading to unauthorized access or data modification.
Recommendations
For WP-Polls plugin versions prior to 2.76.1, update to version 2.76.1 or later to resolve the issue.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wp-Polls