
Pak0S

#25954 of 53,622
9.8 Total CVSS
Vulnerabilities · 1
PT-2020-12762
9.8
2020-04-13
Totalsoft · Responsive Poll · CVE-2020-11673
**Name of the Vulnerable Software and Affected Versions**

Responsive Poll versions 1.3.4 and earlier

**Description**

An issue allows an unauthenticated user to manipulate polls, including deleting, cloning, or viewing hidden polls. This is due to the use of `wp_ajax_nopriv` hooks in `Includes/Total-Soft-Poll-Ajax.php` for sensitive operations; handlers registered under this hook prefix run for requests from visitors who are not logged in.

**Recommendations**

For Responsive Poll versions 1.3.4 and earlier, consider disabling the sensitive operations registered through `wp_ajax_nopriv` in `Includes/Total-Soft-Poll-Ajax.php` until a patch is available. Restrict access to the `Includes/Total-Soft-Poll-Ajax.php` file to minimize the risk of exploitation.