CVE-2025-12892 – Survey Maker

CVE ID : CVE-2025-12892

Published : Nov. 13, 2025, 4:15 a.m. | 41 minutes ago

Description : The Survey Maker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the deactivate_plugin_option() function in all versions up to, and including, 5.1.9.4. This makes it possible for unauthenticated attackers to update the ays_survey_maker_upgrade_plugin option.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…