Security Advisory

CVE-2022-1581

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-21 00:00:00

Last updated 2025-04-30 15:00:03

Assigner WPScan

State PUBLISHED

Description

The WP-Polls WordPress plugin before 2.76.0 prioritizes getting a visitors IP from certain HTTP headers over PHPs REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.

← Browse all CVEs View on cve.org ↗