diff --git a/htdocs/opensurvey/wizard/choix_autre.php b/htdocs/opensurvey/wizard/choix_autre.php
index fb869d65c69dbc52d442c2a4ed123607413ef522..302cbfccf6af848a0a4143fbcf0477dd2a04d504 100644
--- a/htdocs/opensurvey/wizard/choix_autre.php
+++ b/htdocs/opensurvey/wizard/choix_autre.php
@@ -27,6 +27,9 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php");
 
+// Security check
+if (!$user->rights->opensurvey->write) accessforbidden ();
+
 /*
  * Action
  */
diff --git a/htdocs/opensurvey/wizard/choix_date.php b/htdocs/opensurvey/wizard/choix_date.php
index 606b1ecf8736f95cb724ce6422add2931ddeeeb0..25f6ddc24536104255412ea08ff4d91cfb754d1b 100644
--- a/htdocs/opensurvey/wizard/choix_date.php
+++ b/htdocs/opensurvey/wizard/choix_date.php
@@ -27,6 +27,9 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php");
 
+// Security check
+if (!$user->rights->opensurvey->write) accessforbidden ();
+
 //le format du sondage est DATE
 $_SESSION["formatsondage"] = "D";
 
diff --git a/htdocs/opensurvey/wizard/create_survey.php b/htdocs/opensurvey/wizard/create_survey.php
index cad66b34d4a99973b684646a42bce4739f80a809..a8169d9d5da77355d9187943c0b97d39cf415535 100644
--- a/htdocs/opensurvey/wizard/create_survey.php
+++ b/htdocs/opensurvey/wizard/create_survey.php
@@ -27,8 +27,10 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php");
 
-$langs->load("opensurvey");
+// Security check
+if (!$user->rights->opensurvey->write) accessforbidden ();
 
+$langs->load("opensurvey");
 
 // On teste toutes les variables pour supprimer l'ensemble des warnings PHP
 // On transforme en entites html les données afin éviter les failles XSS
diff --git a/htdocs/opensurvey/wizard/index.php b/htdocs/opensurvey/wizard/index.php
index 6bb6403ff7274f326ee6f2da9c9751caaab834bb..fab1a86320dcb0f86a45ababfdaf6f61985b49c9 100644
--- a/htdocs/opensurvey/wizard/index.php
+++ b/htdocs/opensurvey/wizard/index.php
@@ -28,8 +28,10 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php");
 require_once(DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php");
 
-$langs->load("opensurvey");
+// Security check
+if (!$user->rights->opensurvey->write) accessforbidden ();
 
+$langs->load("opensurvey");
 
 /*
  * View