Lucene search
+L

5 matches found

nvd
nvd
added 2026/07/09 8:16 a.m.7 views

CVE-2026-12406

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.3.7. This is due to the plugin not properly verifying that a user is authorized to perform an...

5.3CVSS0.00323EPSS
Exploits0References10
nvd
nvd
added 2026/06/26 7:16 a.m.10 views

CVE-2026-8380

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...

6.5CVSS0.00342EPSS
Exploits1References1
cve
cve
added 2026/06/26 6:0 a.m.29 views

CVE-2026-8380

The CVE-2026-8380 issue affects the Frontend File Manager (nmedia-user-file-uploader) WordPress plugin

6.5CVSS5.9AI score0.00342EPSS
Exploits1References1
euvd
euvd
added 2026/06/26 6:0 a.m.10 views

EUVD-2026-39626

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...

6.5CVSS5.9AI score0.00342EPSS
Exploits1References1
cvelist
cvelist
added 2026/06/26 6:0 a.m.38 views

CVE-2026-8380 Frontend File Manager Plugin <= 23.6 - Author+ Arbitrary Post Deletion

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...

0.00342EPSS
Exploits1References1
Rows per page
Query Builder