A vulnerability classified as critical was found in SureForms Plugin up to 1.7.3 on WordPress. Affected by this vulnerability is the function file_exists. The manipulation leads to Remote Code Execution.

This vulnerability is known as CVE-2025-6742. The attack can be launched remotely. There is no exploit available.