Path Traversal Vulnerability Affects WP Poll Maker
CVE-2024-31240

8.1HIGH

Key Information:

Vendor: WordPress
Status: WP Poll Maker
Vendor: CVE Published:; 10 April 2024

What is CVE-2024-31240?

A Path Traversal vulnerability exists in the InfoTheme WP Poll Maker plugin, which allows attackers to manipulate directory paths to access restricted directories. This issue affects all versions from n/a through 3.1, potentially enabling unauthorized file access and leading to data exposure or modification. It highlights the importance of proper input validation and access controls within web applications.

Affected Version(s)

WP Poll Maker <= 3.1

References

https://patchstack.com/database/vulnerability/epoll-wp-vo...

vdb-entry

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2024
Vulnerability Reserved
Mar 29, 2024

Credit

Yudistira Arya (Patchstack Alliance)

WordPress

What is CVE-2024-31240?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit