CVE-2025-12891 – Survey Maker

CVE ID : CVE-2025-12891

Published : Nov. 13, 2025, 4:28 a.m. | 29 minutes ago

Description : The Survey Maker plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ‘ays_survey_show_results’ AJAX endpoint in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to view all survey submissions.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…