[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fRjIa-BDLN35lc2Xnfy1JjXxYm8zWFHbVhaA_uXA5WgY":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":22},"CVE-2024-24874","cp-polls-unauthenticated-content-injection","CP Polls \u003C= 1.0.71 - Unauthenticated Content Injection","The Polls CP plugin for WordPress is vulnerable to content injection in all versions up to, and including, 1.0.71. This is due to insufficient validation on poll answers. This makes it possible for unauthenticated attackers to inject arbitrary content.","cp-polls",null,"\u003C=1.0.71","1.0.72","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')","2024-02-05 00:00:00","2024-02-08 15:11:15",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002Ff28d7659-9244-4da8-97e9-4539d7d874f7?source=api-prod",4,[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fcp-polls%2Ftags%2F1.0.71&new_path=%2Fcp-polls%2Ftags%2F1.0.72"]