A critical security vulnerability has been discovered in the popular SureForms WordPress plugin, putting over 200,000 active installations at risk of complete website takeover.
The flaw, designated CVE-2025-6691 with a high CVSS rating of 8.8, allows unauthenticated attackers to delete arbitrary files from affected...