A vulnerability classified as critical was found in Download After Email Plugin 2.1.5/2.1.6 on WordPress. The impacted element is an unknown function of the component Form Submission Handler. Executing manipulation can lead to improper authorization.

This vulnerability is registered as CVE-2025-54743. It is possible to launch the attack remotely. No exploit is available.