cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-7134,https://securityvulnerability.io/vulnerability/CVE-2024-7134,LiquidPoll Plugin Vulnerable to Stored Cross-Site Scripting,"The LiquidPoll – Polls, Surveys, NPS and Feedback Reviews plugin for WordPress is exposed to a serious vulnerability characterized by stored cross-site scripting through the 'form_data' parameter. This flaw, present in all versions up to and including 3.3.78, arises from inadequate input sanitization and output escaping protocols. As a result, it opens the door for unauthorized attackers to inject malicious web scripts, which can be executed whenever unsuspecting users access compromised pages. This vulnerability poses significant security risks to websites utilizing the LiquidPoll plugin.",Wordpress,"Liquidpoll – Polls, Surveys, Nps And Feedback Reviews",7.2,HIGH,0.0005200000014156103,false,,false,false,false,,false,false,2024-08-21T05:30:19.623Z,0
CVE-2024-2080,https://securityvulnerability.io/vulnerability/CVE-2024-2080,LiquidPoll Vulnerability Exposes Private Poll Information,"The LiquidPoll – Polls, Surveys, NPS and Feedback Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.3.76 via the poller_list shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to extract information from polls that may be private.",Wordpress,"Liquidpoll – Polls, Surveys, Nps And Feedback Reviews",4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,2024-03-22T01:59:58.625Z,0