CVE-2016-20067

MEDIUM NVD

CVSS Score 4.3

Severity MEDIUM

Published Jun 15, 2026

Vendor unknown

Description

WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in.

References

https://www.exploit-db.com/exploits/39513
https://www.vulncheck.com/advisories/wordpress-cp-polls-cross-site-request-forgery