CVE-2025-12891 | Survey Maker Plugin up to 5.1.9.4 on WordPress AJAX Endpoint ays_survey_show_results authorization

Inserito da Angelo Barbosa | Nov 12, 2025 | CVE

A vulnerability has been found in Survey Maker Plugin up to 5.1.9.4 on WordPress and classified as problematic. This issue affects the function ays_survey_show_results of the component AJAX Endpoint. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2025-12891. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-12891 | Survey Maker Plugin up to 5.1.9.4 on WordPress AJAX Endpoint ays_survey_show_results authorization

Post correlati

CVE-2025-57407 | S-Cart up to 10.0.3 Admin Log Viewer cross site scripting

CVE-2024-49685 | Smash Balloon Custom Twitter Feeds Plugin up to 2.2.3 on WordPress cross-site request forgery

CVE-2024-25451 | Axiomatic Bento4 1.6.0-640 ReallocateBuffer allocation of resources

CVE-2024-36486 | Parallels Desktop 20.1.1 on macOS Virtual Machine Archive Restoration prl_vmarchiver unix hard link (TALOS-2024-2126 / EUVD-2024-54643)