CVE-2016-20062

Deferred Deferred - Pending Action

SQL Injection in Simply Poll WordPress Plugin

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: VulnCheck

Description

Simply Poll 1.4.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the 'pollid' POST parameter. Attackers can send requests to the admin-ajax.php endpoint with the 'spAjaxResults' action and malicious 'pollid' values to execute arbitrary SQL queries and read sensitive data from the WordPress database.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-09

Last Modified

2026-06-09

Generated

2026-06-09

AI Q&A

2026-06-09

EPSS Evaluated

N/A

NVD

CVE-2016-20062

EUVD

EUVD-2016-10875

Affected Vendors & Products

Vendor	Product	Version / Range
ollie_armstrong	simply_poll	to 1.4.1 (inc)
simply_poll	simply_poll	1.4.1

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-89	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

CWE ID

Description

CWE-89

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Attack-Flow Graph

Executive Summary

CVE-2016-20062 is a high-severity SQL injection vulnerability in the Simply Poll 1.4.1 WordPress plugin. It allows unauthenticated attackers to inject malicious SQL code through the 'pollid' POST parameter by sending specially crafted requests to the admin-ajax.php endpoint with the 'spAjaxResults' action.

This injection enables attackers to execute arbitrary SQL queries on the WordPress database, potentially extracting sensitive information without needing any authentication.

Impact Analysis

Exploitation of this vulnerability can lead to unauthorized disclosure of sensitive database information from the WordPress site using the Simply Poll plugin.

Attackers can read arbitrary data from the database.
If the web server is misconfigured, attackers may gain read and write access to the filesystem.

Because no authentication is required, the risk is significant, potentially compromising the confidentiality of the website's data.

Detection Guidance

This vulnerability can be detected by sending specially crafted POST requests to the admin-ajax.php endpoint with the 'spAjaxResults' action and malicious 'pollid' values to test for SQL injection.

Tools like sqlmap can be used to automate detection, performing boolean-based blind, time-based blind, and UNION query attacks against the vulnerable parameter.

Use sqlmap with a command similar to: sqlmap -u "http://targetsite.com/wp-admin/admin-ajax.php" --data="action=spAjaxResults&pollid=1" --method=POST --dbs
Manually test by sending POST requests with different 'pollid' values to observe if SQL errors or unexpected data are returned.

Mitigation Strategies

Immediate mitigation steps include disabling or removing the Simply Poll plugin version 1.4.1 or earlier from your WordPress installation, as no fix was available at the time of disclosure.

Restrict access to the admin-ajax.php endpoint to trusted users or IP addresses to prevent unauthenticated exploitation.

Monitor and block suspicious POST requests targeting the 'spAjaxResults' action with unusual 'pollid' parameters.

Consider applying web application firewall (WAF) rules to detect and block SQL injection attempts targeting this vulnerability.

Compliance Impact

The SQL injection vulnerability in the Simply Poll 1.4.1 WordPress plugin allows unauthenticated attackers to extract sensitive database information. This exposure of sensitive data can lead to non-compliance with data protection regulations such as GDPR and HIPAA, which require the protection of personal and sensitive information from unauthorized access.

Because attackers can execute arbitrary SQL queries and read sensitive data without authentication, organizations using this plugin may face risks related to data breaches, potentially violating confidentiality and data integrity requirements mandated by these standards.

Hi! I’m here to help you understand CVE-2016-20062. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2016-20062

SQL Injection in Simply Poll WordPress Plugin

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart