Platform: wordpress
Component: totalpoll-lite
Fixed in: 4.12.1
CVE-2026-27044 describes a Remote Code Execution (RCE) vulnerability within the Total Poll Lite WordPress plugin. This flaw allows attackers to achieve Remote Code Inclusion, potentially granting them complete control over affected WordPress installations. The vulnerability impacts versions from 0.0.0 up to and including 4.12.0. A patch is expected to be released by the vendor.
The impact of this RCE vulnerability is severe. An attacker could exploit it to execute arbitrary code on the web server hosting the vulnerable WordPress site. This could lead to complete compromise of the site, including data theft, defacement, malware installation, and lateral movement to other systems on the network. The attacker could potentially gain access to sensitive user data stored within the WordPress database or use the compromised server as a launchpad for further attacks. The Remote Code Inclusion aspect significantly elevates the risk, as it bypasses typical input validation and allows direct execution of malicious code.
This vulnerability is considered highly likely to be exploited due to its CRITICAL severity and the ease of Remote Code Inclusion. While no public exploits are currently known, the potential for widespread exploitation is significant, particularly given the popularity of the Total Poll Lite plugin. The vulnerability was publicly disclosed on 2026-03-25. It is recommended to monitor security advisories and threat intelligence feeds for any signs of active exploitation.
Exploit Status
EPSS: 0.05% (17% percentile)
The primary mitigation is to upgrade to a patched version of the Total Poll Lite plugin as soon as it becomes available. Until a patch is released, consider temporarily disabling the plugin to prevent exploitation. Implement strict file access controls on the WordPress server to limit the attacker's ability to upload and execute malicious files. Web Application Firewalls (WAFs) can be configured with rules to detect and block attempts to include remote files. Monitor WordPress logs for suspicious activity, particularly attempts to access or modify plugin files.
No known patch available. Please review the vulnerability's details in depth and employ mitigations based on your organization's risk tolerance. It may be best to uninstall the affected software and find a replacement.
CVE-2026-27044 is a critical Remote Code Execution vulnerability in the Total Poll Lite WordPress plugin, allowing attackers to execute arbitrary code via Remote Code Inclusion.
You are affected if your WordPress site uses Total Poll Lite versions 0.0.0 through 4.12.0. Upgrade immediately when a patch is available.
Upgrade to the latest version of Total Poll Lite as soon as a patch is released by the vendor. Temporarily disable the plugin until the update is applied.
While no public exploits are currently known, the CRITICAL severity and ease of exploitation suggest it is highly likely to be targeted.
Check the Total Poll Lite website and WordPress plugin repository for official advisories and updates related to CVE-2026-27044.
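To check whether a given installation falls in the affected range stated above (through 4.12.0, fixed in 4.12.1), the following added example, which is not part of the original advisory or the plugin's code, reads the plugin's WordPress header and compares versions numerically. It assumes the default `wp-content/plugins/<slug>` layout with the directory named `totalpoll-lite`; the function names are illustrative.

```python
import re
import sys
from pathlib import Path

SLUG = "totalpoll-lite"   # component name given in the advisory
FIXED_IN = (4, 12, 1)     # "Fixed in" version given in the advisory

# WordPress plugin header line, e.g. " * Version: 4.12.0"
HEADER_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.I | re.M)


def parse_version(text):
    """'4.12.0' -> (4, 12, 0). Numeric compare, so 4.9 sorts below 4.12."""
    nums = [int(n) for n in re.findall(r"\d+", text)[:3]]
    return tuple(nums + [0] * (3 - len(nums)))


def header_version(php_source):
    """Return the Version header of a main plugin file, or None."""
    head = php_source[:8192]  # WordPress only reads the first 8 KB
    if "Plugin Name:" not in head:
        return None
    match = HEADER_RE.search(head)
    return match.group(1) if match else None


def check_site(wp_root):
    """Return (status, version) for one WordPress document root."""
    # Assumption: default wp-content/plugins layout, directory named after the slug.
    plugin_dir = Path(wp_root) / "wp-content" / "plugins" / SLUG
    if not plugin_dir.is_dir():
        return ("not-installed", None)
    for php in sorted(plugin_dir.glob("*.php")):
        version = header_version(php.read_text(errors="replace"))
        if version:
            status = "affected" if parse_version(version) < FIXED_IN else "patched"
            return (status, version)
    return ("unknown", None)  # directory exists but no readable header


if __name__ == "__main__":
    for root in sys.argv[1:]:
        status, version = check_site(root)
        print(f"{root}: {SLUG} {version or '-'} -> {status}")
```

Pass one or more WordPress document roots as arguments; an `unknown` result means the plugin directory exists but its version could not be read and should be inspected by hand.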