Primary

Context

TotalSuite Total Poll Lite Remote Code Execution Vulnerability

Vulnerability

A code injection vulnerability allowing remote code execution has been identified in the Total Poll Lite WordPress plugin, specifically in versions through 4.12.0. This vulnerability arises from improper control over code generation, leading to remote code inclusion.

Impact

Exploitation of this vulnerability allows for remote code execution on the affected website, potentially leading to unauthorized access and full control over the site.

Remediation

Users are advised to update the Total Poll Lite plugin to the latest version. If an update cannot be applied, consult with your hosting provider or web developer for assistance.

Added: Mar 25, 2026, 7:50 PM

Updated: Mar 25, 2026, 7:50 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TotalSuite Total Poll Lite Remote Code Execution Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating