2 matches found
WordPress WP User Frontend Plugin <= 4.1.12 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Kishan Vyas in WordPress Plugin WP User Frontend versions = 4.1.12...
CVE-2025-58672
CVE-2025-58672 is a Missing Authorization vulnerability in WP User Frontend. The connected Wordfence entry confirms an Authenticated (Subscriber+) Arbitrary Shortcode Execution in WP User Frontend