WordPress Plugin Vulnerabilities
WP-Polls < 2.76.0 - IP Validation Bypass
Description
The plugin prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
Affects Plugins
References
Miscellaneous
Original Researcher
Daniel Ruf
Submitter
Daniel Ruf
Submitter website
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2022-10-31 (about 1 years ago)
Added
2022-10-31 (about 1 years ago)
Last Updated
2022-10-31 (about 1 years ago)