CVE-2025-12536 | SureForms Plugin up to 1.13.1 on WordPress Setting _srfm_email_notification auth_callback authorization

A vulnerability was found in SureForms Plugin up to 1.13.1 on WordPress. It has been rated as problematic. Affected is the function _srfm_email_notification of the component Setting Handler. Performing manipulation of the argument auth_callback results in missing authorization.

This vulnerability is cataloged as CVE-2025-12536. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More