CVE-2013-1400

  • Published Date: Thu 13 Feb 2020
  • Last Modified Date: Wed 19 Feb 2020

Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.

Impact

Severity: HIGH
Exploitability Score: 10.0
Impact Score: 6.4
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
Availability (A): PARTIAL

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD