CVE-2025-14889

MEDIUM 5.4

Campcodes Advanced Voting Management System Password voters_edit.php improper authorization

CVSS Score

5.4

EPSS Score

0.0%

EPSS Percentile

0th

A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.

CWE	CWE-285 CWE-266
Vendor	campcodes
Product	advanced voting management system
Published	Dec 18, 2025
Last Updated	Feb 24, 2026

Stay Ahead of the Next One

Get instant alerts for campcodes advanced voting management system

Be the first to know when new medium vulnerabilities affecting campcodes advanced voting management system are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Campcodes / Advanced Voting Management System

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.337378 vuldb.com: https://vuldb.com/?ctiid.337378 vuldb.com: https://vuldb.com/?submit.715643 gist.github.com: https://gist.github.com/nikstudy576-maker/82e1e1ede9b848880aa09b87b92bc22c campcodes.com: https://www.campcodes.com/

Credits

🔍 Err404 (VulDB User)