Path Traversal Vulnerability Affects WP Poll Maker
CVE-2024-31240

7.7HIGH

Key Information:

Vendor: WordPress
Status: WP Poll Maker
Vendor: CVE Published:; 10 April 2024

Summary

A Path Traversal vulnerability exists in the InfoTheme WP Poll Maker plugin, which allows attackers to manipulate directory paths to access restricted directories. This issue affects all versions from n/a through 3.1, potentially enabling unauthorized file access and leading to data exposure or modification. It highlights the importance of proper input validation and access controls within web applications.

Affected Version(s)

WP Poll Maker <= 3.1

References

https://patchstack.com/database/vulnerability/epoll-wp-vo...

vdb-entry

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 10, 2024
Vulnerability Reserved
Mar 29, 2024

Credit

Yudistira Arya (Patchstack Alliance)