Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
6.5
WPForms PDF Add-on Allows Unauthorized Access
CVE-2025-68534
Summary
If not set up correctly, the WPForms PDF add-on can be accessed by anyone, potentially allowing unauthorized users to view or modify sensitive information. This is a serious issue because it could lead to sensitive data being accessed by the wrong people. To fix this, update the WPForms PDF add-on to the latest version or adjust your access controls to ensure only authorized users can access the feature.
Original title
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n...
Original description
Missing Authorization vulnerability in add-ons.org PDF for WPForms pdf-for-wpforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PDF for WPForms: from n/a through <= 6.3.0.
nvd CVSS3.1
6.5
Vulnerability type
CWE-862
Missing Authorization
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026