A vulnerability, which was classified as critical, has been found in WP User Frontend Pro Plugin up to 4.1.3 on WordPress. This issue affects the function
upload_files
. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2025-3054. The attack may be initiated remotely. There is no exploit available.