Source: National Vulnerability Database

The YOP Poll WordPress plugin before 6.4.3 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based limitations to vote in certain situations.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1600

57 hits since 2022-08-03

PHP Vulns Source Ratio: 17% (7130 total, 598 propagated, 3565 filtered)