CVE-2025-53485 is a security vulnerability identified in the SecurePoll extension of the Wikimedia Foundation's MediaWiki software. The vulnerability is classified under CWE-862, which refers to missing authorization. Specifically, the issue arises in the SetTranslationHandler.php component, where the system fails to verify whether the user attempting to modify election-related translation text holds the necessary election administrator privileges. This flaw allows any user, including unauthenticated users, to alter translation content related to elections. Although newer versions of MediaWiki have partially addressed this issue, the authorization check remains incomplete in affected versions. The vulnerability impacts MediaWiki SecurePoll extension versions 1.39.x prior to 1.39.13, 1.42.x prior to 1.42.7, and 1.43.x prior to 1.43.2. No public exploits are currently known, and no CVSS score has been assigned yet. The vulnerability's root cause is the absence of proper authorization validation, enabling unauthorized modification of sensitive election-related data, which could undermine the integrity and trustworthiness of election processes managed through this extension.

For European organizations, particularly those involved in governance, public administration, or any entities utilizing MediaWiki with the SecurePoll extension for election or polling purposes, this vulnerability poses a significant risk. Unauthorized modification of election-related translation texts can lead to misinformation, manipulation of election content, and erosion of public trust in digital election tools. This could affect the confidentiality and integrity of election data, potentially influencing voter perception or behavior. Additionally, since the vulnerability allows unauthenticated users to make changes, it broadens the attack surface, increasing the likelihood of exploitation by malicious actors. The impact extends beyond technical compromise to reputational damage and challenges to democratic processes, especially in countries where digital election tools are integrated into official workflows or public information dissemination.

To mitigate this vulnerability, organizations should promptly upgrade the SecurePoll extension to the latest patched versions: 1.39.13 or later for the 1.39.x branch, 1.42.7 or later for the 1.42.x branch, and 1.43.2 or later for the 1.43.x branch. If immediate upgrading is not feasible, implement strict access controls at the web server or application firewall level to restrict access to the SetTranslationHandler.php endpoint only to trusted election administrators. Additionally, conduct thorough audits of election-related translation changes to detect unauthorized modifications. Employ monitoring and alerting mechanisms for unusual activity related to translation updates. Organizations should also review and harden their MediaWiki configurations to enforce robust authentication and authorization policies, ensuring that only authorized personnel can perform sensitive operations. Finally, consider isolating election-related MediaWiki instances from public access or deploying additional verification steps for translation changes to prevent unauthorized edits.