Poll Maker < 4.0.2 – Admin+ Stored Cross-Site Scripting | CVE 2022-1456 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store Cross-Site Scripting attack even when unfiltered_html is disallowed

Proof of Concept

Put the following payload in any of the Mailchimp integration settings (/wp-admin/admin.php?page=poll-maker-ays-settings&ays_poll_tab=tab2) and save: "><img src onerror=alert(/XSS/)>

Affects Plugins

Fixed in 4.0.2

References

CVE

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

0x23.so

Submitter

0x23.so

Submitter website

https://github.com/dr-xr-xr-x

Verified

Yes

WPVDB ID

1f41fc5c-18d0-493d-9a7d-8b521ab49f85

Timeline

Publicly Published

2022-05-04 (about 3 years ago)

Added

2022-05-04 (about 3 years ago)

Last Updated

2022-05-05 (about 3 years ago)

Other

Published

Title

Published

2025-06-25

Title

Namasha By Mdesign < 1.2.05 - Authenticated (Contributor+) Stored Cross-Site Scripting via playicon_title Parameter

Published

2022-01-04

Title

Amazon Affiliate < 3.17.1 - Reflected Cross-Site Scripting

Published

2022-03-31

Title

WP YouTube Live < 1.7.22 - Authenticated Reflected Cross-Site Scripting

Published

2024-03-25

Title

WC Builder < 1.0.19 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2023-04-03

Title

Product page shipping calculator for WooCommerce < 1.3.21 - Admin+ Stored XSS