Poll Maker < 4.0.2 - Admin+ Stored Cross-Site Scripting
CVE-2022-1456
4.8MEDIUM
What is CVE-2022-1456?
The Poll Maker WordPress plugin before 4.0.2 does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store Cross-Site Scripting attack even when unfiltered_html is disallowed
Affected Version(s)
Poll Maker 4.0.2