Access Control Vulnerability in Totalsoft TS Poll by Totalsoft
CVE-2025-68588

Currently unrated

Key Information:

Vendor: WordPress
Status: Ts Poll
Vendor: CVE Published:; 24 December 2025

What is CVE-2025-68588?

The Totalsoft TS Poll plugin for WordPress has a vulnerability due to missing authorization, which allows attackers to exploit improperly configured access control settings. This issue could lead to unauthorized access to sensitive functionalities of the plugin, impacting user data integrity and overall security. Versions up to 2.5.3 are affected, making it critical for users to review their configurations and apply necessary security measures to mitigate potential risks.

Affected Version(s)

TS Poll <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/poll...

vdb-entry

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2025
Vulnerability Reserved
Dec 19, 2025

Credit

daroo | Patchstack Bug Bounty Program

JSON