CVE-2025-68588
Severity: HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Description
Missing Authorization vulnerability in totalsoft TS Poll (poll-wp) allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects TS Poll: from n/a through 2.5.5.
Analysis
Missing authorization checks in the TS Poll WordPress plugin (versions ≤ 2.5.5) let a low-privileged authenticated user, for example a Subscriber account, read and modify poll data beyond what that role should be permitted (CVSS C:H/I:H; availability is not affected, A:N). The advisory describes broken access control, not a role change: the attacker keeps their own account but is able to reach operations the plugin should have refused. EPSS exploitation probability is low (0.04%, 13th percentile) and no public exploit was identified at the time of analysis, so immediate risk is limited despite the 8.1 CVSS base score. The score is high chiefly because any registered account suffices (PR:L), no user interaction is needed (UI:N) and the flaw is reachable over the network with low complexity.
Technical Context
This vulnerability is classified as CWE-862 (Missing Authorization), a server-side access control failure in which the plugin does not verify that the current user holds an appropriate capability before performing a sensitive operation. The advisory does not identify which handler is affected; in WordPress plugins this class of bug typically lives in an admin-ajax action, a REST route or an admin page callback that checks only that a user is logged in and skips the current_user_can() check for the operation itself. Unlike an authentication failure (CWE-287, Improper Authentication), this is a post-authentication authorization failure: the application knows who the user is and simply does not evaluate what that user is allowed to do. The CVSS vector reflects that: network-accessible (AV:N), low complexity (AC:L) and only low privileges required (PR:L), so any registered WordPress account, including a Subscriber created through open registration, can reach the flaw without specialized knowledge or a multi-step attack chain.
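The following hypothetical admin-ajax handler is an added illustration of the CWE-862 pattern beside its hardened form; it is not TS Poll's source (the advisory does not publish the affected code), and the handler name demo_poll_save, the option key demo_poll_results and the nonce action are invented for the example. When WordPress is not loaded it runs stand-alone under php on the command line, using minimal stand-ins for the WordPress functions that simulate a logged-in Subscriber with only the read capability.

```php
<?php
// Hypothetical admin-ajax handler illustrating CWE-862 (Missing Authorization)
// in a WordPress plugin. NOT TS Poll's source: the handler, action and option
// names are invented. Runs stand-alone: when WordPress is not loaded, the
// stand-ins below simulate a logged-in Subscriber (capability 'read' only)
// whose request carries no valid nonce.

if (!defined('ABSPATH') && !function_exists('current_user_can')) {
    $GLOBALS['sim_caps']    = ['read' => true];                  // Subscriber role
    $GLOBALS['sim_options'] = ['demo_poll_results' => ['yes' => 10, 'no' => 4]];

    function is_user_logged_in(): bool { return true; }
    function current_user_can(string $cap): bool { return !empty($GLOBALS['sim_caps'][$cap]); }
    function check_ajax_referer(string $action, $query_arg = false, bool $die = true) {
        $arg = $query_arg ?: '_wpnonce';
        $ok  = isset($_REQUEST[$arg]) && $_REQUEST[$arg] === 'nonce-for-' . $action;
        if (!$ok && $die) { throw new RuntimeException('nonce check failed (WordPress would die with -1)'); }
        return $ok;
    }
    function get_option(string $key, $default = false) { return $GLOBALS['sim_options'][$key] ?? $default; }
    function update_option(string $key, $value): bool { $GLOBALS['sim_options'][$key] = $value; return true; }
    function wp_send_json_success($data = null): void { echo "200 OK: " . json_encode($data) . "\n"; }
    function wp_send_json_error($data = null, int $code = 400): void { echo "$code error: " . json_encode($data) . "\n"; }
    function add_action(string $hook, callable $cb): void {}
}

// VULNERABLE: the wp_ajax_ hook already guarantees that *someone* is logged in,
// and the handler checks nothing more, so any account (PR:L) can overwrite results.
function demo_poll_save_vulnerable(): void {
    if (!is_user_logged_in()) { wp_send_json_error('login required', 401); return; }
    $results = json_decode(stripslashes($_POST['results'] ?? '{}'), true);
    update_option('demo_poll_results', $results);   // attacker-controlled data stored
    wp_send_json_success('saved');
}

// HARDENED: authorization (a capability that fits the operation) plus a CSRF nonce,
// both evaluated before any state changes, and input reduced to the expected shape.
function demo_poll_save_hardened(): void {
    if (!current_user_can('manage_options')) {       // authorization, not just authentication
        wp_send_json_error('insufficient privileges', 403);
        return;
    }
    check_ajax_referer('demo_poll_save', '_wpnonce'); // dies on failure in real WordPress
    $raw   = json_decode(stripslashes($_POST['results'] ?? '{}'), true);
    $clean = [];
    foreach ((array) $raw as $id => $count) {
        $id = preg_replace('/[^a-z0-9_\-]/', '', strtolower((string) $id));
        if ($id !== '') { $clean[$id] = max(0, (int) $count); }
    }
    update_option('demo_poll_results', $clean);
    wp_send_json_success('saved');
}

// Registering on wp_ajax_ (rather than wp_ajax_nopriv_) only limits the action to
// authenticated users; it is not an authorization check.
add_action('wp_ajax_demo_poll_save', 'demo_poll_save_hardened');

// Simulation: a Subscriber submits tampered results to each handler.
if (!defined('ABSPATH') && PHP_SAPI === 'cli') {
    $_POST['results'] = json_encode(['yes' => 0, 'no' => 9999]);
    echo "vulnerable handler: ";
    demo_poll_save_vulnerable();
    echo "hardened handler:   ";
    demo_poll_save_hardened();
    echo "stored results: " . json_encode(get_option('demo_poll_results')) . "\n";
}
```

The simulation shows the vulnerable handler accepting the Subscriber's tampered counts while the hardened one refuses with 403 before touching state. Two design points carry over to real plugins: pick the capability by operation (manage_options for site-wide settings, a custom capability for per-poll editing) rather than by role name, and keep the capability check separate from the nonce check, since a nonce proves intent, not permission.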
Affected Products
The vulnerability affects TS Poll (poll-wp), a WordPress polling plugin developed by TotalSoft, in all versions through 2.5.5 inclusive; the description's lower bound of "n/a" means no first affected version is recorded, so every earlier release should be treated as affected. The product identifier is the WordPress plugin slug poll-wp, distributed through the official WordPress.org plugin repository. The Patchstack advisory title references version 2.5.3, the version examined during research, while the affected range extends through 2.5.5. To find installations, check the plugin list in the WordPress admin dashboard or, with WP-CLI, run wp plugin get poll-wp --field=version on each site and compare the result against 2.5.5. The vendor advisory and technical details are available through Patchstack's vulnerability database at the URL referenced under Remediation.
Remediation
Update TS Poll to a release later than 2.5.5 as soon as one is available; the Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/poll-wp/vulnerability/wordpress-ts-poll-plugin-2-5-3-broken-access-control-vulnerability states the fixed version and vendor patch status. Until then, shrink the pool of accounts that satisfy PR:L: disable public registration (Settings > General, "Anyone can register", or wp option update users_can_register 0 with WP-CLI) and audit existing users (wp user list --role=subscriber) for stale or unrecognized accounts. Disabling registration does not protect against accounts that already exist, and membership or e-commerce sites usually carry many low-privileged accounts that cannot simply be deleted, so on such sites temporarily deactivating the plugin is the more reliable interim control if polls are non-essential. Do not collect or store sensitive data through the plugin until it is patched. For detection, log and alert on admin-ajax.php and REST requests that modify plugin data when made by accounts below the role that should be able to do so; a security plugin that only watches for role changes will not see an authorization bypass, because this flaw does not change roles.