Improper Authentication in Responsive Poll plugin for WordPress
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2020-11673 |
| CWE-ID | CWE-287 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
Responsive Poll Web applications / Modules and components for CMS |
| Vendor | Total-Soft |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Improper Authentication
EUVDB-ID: #VU26952
Risk: High
CVSSv3.1:
CVE-ID: CVE-2020-11673
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the usage of the callback "wp_ajax_nopriv" function in "Includes/Total-Soft-Poll-Ajax.php" for sensitive operations. A remote attacker can bypass authentication process and delete, clone, or view a hidden poll.
MitigationInstall updates from vendor's website.
Vulnerable software versionsResponsive Poll: 1.0.0 - 1.3.3
CPE2.3 External linkshttp://gist.github.com/pak0s/05a0e517aeff4b1422d1a93f59718459
http://wordpress.org/plugins/poll-wp/#developers
http://plugins.trac.wordpress.org/changeset/2271601
http://plugins.trac.wordpress.org/changeset/2273724
http://wpvulndb.com/vulnerabilities/10178/
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
