{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25428", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-02-02T12:53:34.262Z", "datePublished": "2026-02-19T08:27:07.662Z", "dateUpdated": "2026-04-28T16:14:58.461Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected", "packageName": "poll-wp", "product": "TS Poll", "vendor": "totalsoft", "versions": [{"lessThanOrEqual": "2.5.5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Jakub Herman | Patchstack Bug Bounty Program"}], "datePublic": "2026-04-01T16:05:09.890Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.<p>This issue affects TS Poll: from n/a through <= 2.5.5.</p>"}], "value": "Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through <= 2.5.5."}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T16:14:58.461Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/poll-wp/vulnerability/wordpress-ts-poll-plugin-2-5-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "title": "WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-19T17:03:52.632359Z", "id": "CVE-2026-25428", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-28T13:56:28.326Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25428", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-19T17:03:52.632359Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T17:02:16.732Z"}}], "cna": {"title": "WordPress TS Poll plugin <= 2.5.5 - Server Side Request Forgery (SSRF) vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Jakub Herman | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-664", "descriptions": [{"lang": "en", "value": "Server Side Request Forgery"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "totalsoft", "product": "TS Poll", "versions": [{"status": "affected", "changes": [{"at": "2.6.0", "status": "unaffected"}], "version": "0", "versionType": "custom", "lessThanOrEqual": "2.5.5"}], "packageName": "poll-wp", "collectionURL": "https://wordpress.org/plugins", "defaultStatus": "unaffected"}], "datePublic": "2026-04-28T13:26:49.711Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/poll-wp/vulnerability/wordpress-ts-poll-plugin-2-5-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through <= 2.5.5.", "supportingMedia": [{"type": "text/html", "value": "Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.<p>This issue affects TS Poll: from n/a through <= 2.5.5.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-04-28T12:10:50.387Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25428", "state": "PUBLISHED", "dateUpdated": "2026-04-28T13:56:28.326Z", "dateReserved": "2026-02-02T12:53:34.262Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-02-19T08:27:07.662Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in totalsoft TS Poll poll-wp allows Server Side Request Forgery.This issue affects TS Poll: from n/a through <= 2.5.5."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n del lado del servidor (SSRF) en totalsoft TS Poll poll-wp permite falsificaci\u00f3n de petici\u00f3n del lado del servidor. Este problema afecta a TS Poll: desde n/a hasta &lt;= 2.5.5."}], "id": "CVE-2026-25428", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-19T09:16:24.163", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/poll-wp/vulnerability/wordpress-ts-poll-plugin-2-5-5-server-side-request-forgery-ssrf-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.5.5]"}}], "enrichment": {"confidence": 97.0, "confidence_source": "matching", "scores": [{"score": 97.0, "source": "matching"}]}, "original": {"product": "TS Poll", "source": "cna", "vendor": "totalsoft"}, "product": "ts_poll", "vendor": "total-soft"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-16T00:12:31.786550+00:00", "value": {"mitigation_remediation": ["Upgrade the TS Poll plugin to the latest version that includes the SSRF fix.", "Configure network policies or firewall rules to block arbitrary outbound connections initiated by the WordPress environment.", "Implement URL validation or a strict whitelist in the plugin\u2019s request handling to prevent the use of unintended endpoints."], "summary": {"action": "Assess Impact", "impact": "Server Side Request Forgery"}, "threat_synthesis": {"affected_systems": "The vulnerability impacts the totalsoft TS Poll plugin for WordPress, affecting all releases up to and including version 2.5.5. Users running these versions on any WordPress installation are at risk.", "description_and_impact": "A Server-Side Request Forgery (SSRF) flaw exists in the TS Poll plugin for WordPress, enabling an attacker to force the application to make arbitrary HTTP requests to internal or external resources. If exploited, the plugin could fetch sensitive information, communicate with internal services, or facilitate further attacks such as remote code execution. The weakness stems from improper validation of user-supplied URLs, classified as CWE-918.", "risk_and_exploitability": "The CVSS score of 4.4 indicates moderate severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation in the wild. The flaw is not currently listed in CISA's KEV catalog. The attack vector is inferred to be via an exposed endpoint in the plugin that accepts URLs without proper sanitization, likely requiring authenticated or unauthenticated access to a poll-related activity. No patch is published in the data, so the risk remains until a version that removes the flaw or restricts outbound requests is deployed."}}}}, "created": "2026-02-20T10:08:16.325569+00:00", "updated": "2026-04-16T00:15:18.641318+00:00", "vendors": ["total-soft", "total-soft$PRODUCT$ts_poll", "wordpress", "wordpress$PRODUCT$wordpress"]}