EIP-2026-114259
PRE-CVEWordPress Plugin WP-Polls 2.x - Incorrect Flood Filter
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114259. PoCs published by Jbyte.
AI-analyzed exploit summary This PHP script exploits a flood filter bypass in WP-Polls 2.x by sending a crafted POST request to wp-polls.php, allowing multiple votes without rate limiting. The exploit leverages incorrect handling of poll_id and poll_7 parameters.
Description
WordPress Plugin WP-Polls 2.x - Incorrect Flood Filter
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Jbyte · textwebappsphp
https://www.exploit-db.com/exploits/10256
This PHP script exploits a flood filter bypass in WP-Polls 2.x by sending a crafted POST request to wp-polls.php, allowing multiple votes without rate limiting. The exploit leverages incorrect handling of poll_id and poll_7 parameters.
Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
WP-Polls 2.x
No auth needed
Prerequisites:
Target must have WP-Polls plugin installed and accessible
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026