VYPR

Embed PDF Wpforms

by WordPress

Source repositories

CVEs (1)

  • CVE-2025-10647HigSep 19, 2025
    risk 0.50cvss 8.8epss 0.01

    The Embed PDF for WPForms plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_handler_download_pdf_media function in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with…