Vulnerabilities and Security Researches

YOP Poll, CVE-2022-1600

CVE, Research URL: CVE-2022-1600
Home page URL: Security reports for YOP Poll
Application: YOP Poll
Published on: Aug 01, 2022
Research Description: The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.
Affected versions: max 5.7.4.
Status: vulnerable