CVE-2025-10647 | Embed PDF for WPForms Plugin up to 1.1.5 on WordPress ajax_handler_download_pdf_media unrestricted upload

A vulnerability was found in Embed PDF for WPForms Plugin up to 1.1.5 on WordPress. It has been rated as critical. Impacted is the function ajax_handler_download_pdf_media. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2025-10647. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More