CVE-2020-11673: 
WordPress vulnerability analysis and mitigation

An issue was discovered in the Responsive Poll (also known as TS Poll) WordPress plugin through version 1.3.4. The vulnerability (CVE-2020-11673) was publicly disclosed on April 13, 2020. The plugin allows unauthenticated users to manipulate polls, including the ability to delete, clone, or view hidden polls. This vulnerability stems from the improper usage of the wp_ajax_nopriv function in Includes/Total-Soft-Poll-Ajax.php for sensitive operations (NVD, WPScan).

The vulnerability is classified as a Missing Authentication for Critical Function (CWE-306) with a CVSS v3.1 base score of 9.8 (CRITICAL). The attack vector is network-accessible (AV:N) with low attack complexity (AC:L), requiring no privileges (PR:N) and no user interaction (UI:N). The scope is unchanged (S:U) with high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). The vulnerability allows unauthorized access to multiple AJAX callback functions including TotalSoftPoll_Clone_Callback, TotalSoftPoll_Del_Callback, and several others (GitHub Exploit).

The vulnerability allows unauthenticated attackers to perform unauthorized administrative actions on polls, including deleting, cloning, and viewing hidden polls. This can lead to complete compromise of poll data integrity and unauthorized access to potentially sensitive poll information (WPScan).

The vulnerability was fixed in version 1.3.4 of the plugin by adding capability checks. Users are strongly advised to update to this version or later. However, it should be noted that even in version 1.3.4, the issues remain exploitable via CSRF due to missing nonce checks (WPScan).