← Back

Light Poll

light_poll

Vendor: Dmytropopov • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-6720
1Dmytropopov
1Light Poll
Jun 17, 2026
Aug 6, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
CVE-2024-6496
1Dmytropopov
1Light Poll
Jun 17, 2026
Aug 1, 2024
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks when deleting polls, which could allow attackers to make logged in users perform such action via a CSRF attack