Description
The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Published: 2025-04-15
Score: 4.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authenticated SQL Injection
Action: Patch Plugin
AI Analysis

Impact

This vulnerability is a SQL injection (CWE-89) in the TS Poll WordPress plugin. The value of the 's' parameter is neither escaped adequately nor passed through a prepared statement, so it is concatenated into the text of an existing SQL query. An attacker authenticated with Administrator-level access or above can therefore append additional SQL to that query and read sensitive contents of the database; the CVSS vector rates the confidentiality impact as high with no integrity or availability impact.

Affected Systems

The affected vendor is Totalsoft and the product is the TS Poll – Survey, Versus Poll, Image Poll, Video Poll WordPress plugin. All versions up to and including 2.4.6 are vulnerable and should be considered at risk until a newer version is applied.

Risk and Exploitability

The CVSS 3.1 score of 4.9 (Medium) reflects a network-reachable, low-complexity injection that needs no user interaction but requires high privileges (vector AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N). The EPSS score below 1% indicates a low predicted probability of exploitation, and the issue is not in CISA's KEV catalog, which records no public in-the-wild exploitation. The attack path is an authenticated Administrator (or higher) supplying a crafted value for the 's' parameter. Because a WordPress Administrator can normally already install plugins, edit files and otherwise reach the database, the practical exposure is a compromised or over-privileged admin account rather than a new capability; within that scope the confidentiality impact is still rated high, since the injected SQL can read data from the database.

Generated by OpenCVE AI on April 22, 2026 at 17:32 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the TS Poll plugin to a release newer than 2.4.6 once one that fixes this issue is available; this page does not list a fixed version, so confirm from the plugin changelog that the SQL injection fix is included before treating an update as remediation.
  • Limit Administrator access to the accounts that need it, audit existing admin users and remove unnecessary privileges; an Administrator account is the only precondition for exploitation, so account hygiene and strong authentication for those accounts are the primary controls.
  • Put a web application firewall or a plugin such as Wordfence in front of the site to block and log suspicious SQL injection patterns in the 's' parameter, treating this as defense in depth and telemetry rather than a fix: the attacker already holds Administrator rights and may be able to disable a security plugin, so forward its logs off-host.

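Detection logic for the firewall recommendation above, added here as an example and not taken from the page, the plugin or Wordfence. It scans constructed combined-format access-log lines, URL-decodes the query string and flags an 's' value only when it carries SQL syntax (UNION SELECT, a quote followed by OR/AND, a comment terminator, a timing function, a schema probe). The `page=tspoll` route, the IP addresses and the log lines are all assumptions. Keying on SQL syntax rather than on the parameter name matters because 's' is also WordPress's standard search variable, so a rule that fires on every 's' would fire on every admin search.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log sample (assumption: combined log format; the
# admin route and addresses are illustrative, not the plugin's real ones).
SAMPLE_LOG = """\
203.0.113.5 - - [15/Apr/2025:10:01:02 +0000] "GET /wp-admin/admin.php?page=tspoll&s=lunch HTTP/1.1" 200 5120
203.0.113.5 - - [15/Apr/2025:10:01:40 +0000] "GET /wp-admin/admin.php?page=tspoll&s=x%25%27+UNION+SELECT+user_email%2Cuser_pass+FROM+wp_users--+ HTTP/1.1" 200 9870
198.51.100.7 - - [15/Apr/2025:10:02:11 +0000] "GET /wp-admin/admin.php?page=tspoll&s=rock+%27n%27+roll HTTP/1.1" 200 4100
198.51.100.7 - - [15/Apr/2025:10:03:05 +0000] "GET /wp-admin/admin.php?page=tspoll&s=a%27+OR+SLEEP(5)--+ HTTP/1.1" 200 4100
"""

# Combined log format: client IP, identity, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Indicators of SQL syntax inside a value; a lone apostrophe is deliberately
# not an indicator, so ordinary text such as rock 'n' roll is not flagged.
SQLI_INDICATORS = [
    ("union-select", re.compile(r"\bunion\b\s+(?:all\s+)?select\b", re.I)),
    ("quote-then-boolean", re.compile(r"'\s*(?:or|and)\b", re.I)),
    ("comment-terminator", re.compile(r"(?:--\s|--$|/\*)")),
    ("time-based", re.compile(r"\b(?:sleep|benchmark)\s*\(", re.I)),
    ("schema-probe", re.compile(r"\binformation_schema\b", re.I)),
]


def extract_s_values(target):
    """Return every decoded value of the 's' query parameter in a request target."""
    query = urlsplit(target).query
    return parse_qs(query, keep_blank_values=True).get("s", [])


def classify(value):
    """Return the names of the indicators that match a decoded 's' value."""
    return [name for name, rx in SQLI_INDICATORS if rx.search(value)]


def scan_log(text):
    """Return (client_ip, decoded 's' value, matched indicators) for each
    request whose 's' parameter looks like SQL rather than a search term."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        for value in extract_s_values(m.group("target")):
            hits = classify(value)
            if hits:
                findings.append((m.group("ip"), value, hits))
    return findings


if __name__ == "__main__":
    for ip, value, hits in scan_log(SAMPLE_LOG):
        print(f"{ip}  s={value!r}  indicators={hits}")
```

On the sample, the two probing requests are reported with their indicators and the two ordinary searches are not. A rule set like this belongs in the WAF or in the SIEM that receives the web-server logs; run it where the Administrator who is the only candidate attacker cannot switch it off.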


Advisories
Source: EUVD
ID: EUVD-2025-15048
Title: The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
History

Wed, 08 Apr 2026 17:00:00 +0000

Type: References
Values removed: (not shown)
Values added: (not shown)

Tue, 15 Apr 2025 14:15:00 +0000

Type: Metrics (ssvc)
Values added: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 15 Apr 2025 02:30:00 +0000

Type: Description
Values added: The TS Poll – Survey, Versus Poll, Image Poll, Video Poll plugin for WordPress is vulnerable to SQL Injection via the s parameter in all versions up to, and including, 2.4.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Administrator-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

Type: Title
Values added: TS Poll – Survey, Versus Poll, Image Poll, Video Poll <= 2.4.6 - Authenticated (Administrator+) SQL Injection via 's' Parameter

Type: Weaknesses
Values added: CWE-89

Type: References
Values added: (not shown)

Type: Metrics (cvssV3_1)
Values added: {'score': 4.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}



MITRE

Status: PUBLISHED

Assigner: Wordfence

Published:

Updated: 2026-04-08T16:40:45.424Z

Reserved: 2025-04-09T14:36:39.882Z

Link: CVE-2025-3470

Vulnrichment

Updated: 2025-04-15T02:49:23.399Z

NVD

Status: Deferred

Published: 2025-04-15T03:15:18.507

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-3470

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-22T17:45:22Z

Weaknesses