CVE-2025-57954 — Cross-site Scripting in PRO Poll Maker

CWE-79 — Cross-site Scripting3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 80.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

AYS PRO Poll Maker

Timeline

PublishedSep 22

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Poll Maker poll-maker allows DOM-Based XSS.This issue affects Poll Maker: from n/a through <= 6.0.2.

Affected Packages1 packages

▶CVEListV5ays_pro/poll_maker6.0.2

🔴Vulnerability Details

GHSA

GHSA-22r2-3hp3-ff6j: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Poll Maker allows DOM-Based XSS↗2025-09-22

▶

CVEList

WordPress Poll Maker Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability↗2025-09-22

▶