Browse all 4 CVE security advisories affecting LiquidPoll. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Liquidpoll is a polling platform designed for creating and managing interactive polls. Historically, it has been vulnerable to multiple security issues including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities. These weaknesses have allowed attackers to execute arbitrary code, steal session cookies, and gain unauthorized administrative access. The platform's four recorded CVEs highlight consistent security flaws in input validation and access control. While no major public security incidents have been widely documented, the pattern of vulnerabilities suggests potential for significant exploitation if unpatched. Organizations using liquidpoll should prioritize applying security updates and implementing additional safeguards against these recurring vulnerability classes.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-36531 | WordPress LiquidPoll plugin <= 3.3.68 - Broken Access Control vulnerability — LiquidPoll – Advanced Polls for Creators and BrandsCWE-862 | 4.3 | Medium | 2024-12-13 |
| CVE-2024-39655 | WordPress LiquidPoll plugin <= 3.3.77 - Unauthenticated Cross Site Scripting (XSS) vulnerability — LiquidPoll – Advanced Polls for Creators and BrandsCWE-79 | 6.5 | Medium | 2024-08-01 |
This page lists every published CVE security advisory associated with LiquidPoll. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.