Description
In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items).
Remediation
References
Related Vulnerabilities
WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.3)
WordPress Plugin UnGallery Local File Disclosure (1.5.8)
MySQL CVE-2012-2750 Vulnerability (CVE-2012-2750)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0762)
WordPress Plugin Advanced Woo Search Unspecified Vulnerability (1.69)