The Form Maker by 10Web plugin for WordPress is vulnerable to a security flaw in versions up to and including 1.5.19. This flaw allows unauthenticated attackers to upload any type of file to the server hosting the website using the signature field. If exploited, this could lead to remote code execution and further damage to the website.