140 matches found
WordPress plugin User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-25537
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the draft post function in all versions up to, and including, 4.2.8. This makes it...
WordPress WP User Frontend plugin <= 4.2.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin WP User Frontend versions = 4.2.5...
WordPress User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin <= 4.2.8 - Authenticated (Author+) Arbitrary File Upload vulnerability
Authenticated Author+ Arbitrary File Upload vulnerability discovered by Williwollo CybrX in WordPress Plugin WP User Frontend versions = 4.2.8...
EUVD-2026-8875
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUFAdminSettings::checkfiletypeandext' function and in the...
CVE-2026-1565
The CVE-2026-1565 entry describes a vulnerability in the WordPress plugin WP User Frontend (AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration) up to version 4.2.8. Root cause: incorrect file-type validation in WPUF_Admin_Settings::check_filetype_and_ext and Admi...
WordPress plugin User Frontend 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-22174
Name of the Vulnerable Software and Affected Versions User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration versions prior to 4.2.9 Description The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration...
CVE-2023-45002
Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8...
CVE-2025-14047
The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'FrontendFormAjax::submitpost' function in all versions up to,...
WordPress WP User Frontend plugin <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability
Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability discovered by shark3y in WordPress Plugin WP User Frontend versions = 4.2.4...
CVE-2025-14047
The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'FrontendFormAjax::submitpost' function in all versions up to,...
CVE-2025-14047 WP User Frontend <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'FrontendFormAjax::submitpost' function in all versions up to,...
CVE-2025-14047 WP User Frontend <= 4.2.4 - Missing Authorization to Unauthenticated Arbitrary Attachment Deletion
The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'FrontendFormAjax::submitpost' function in all versions up to,...
CVE-2025-14047
CVE-2025-14047 affects the WP User Frontend plugin for WordPress. A missing capability check in Frontend_Form_Ajax::submit_post in all versions up to 4.2.4 enables unauthenticated attackers to delete attachments, per the provided description. CVSS 3.1/3.1: 5.3 base score; impact indicates Low int...
WordPress plugin WP User Frontend 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2026-1040
Name of the Vulnerable Software and Affected Versions WP User Frontend plugin for WordPress versions up to and including 4.2.4 Description The Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submission – WP User Frontend plugin for WordPress has an...
EUVD-2024-37544
Malicious code in bioql PyPI...
EUVD-2025-30545
Malicious code in bioql PyPI...
EUVD-2023-51780
Malicious code in bioql PyPI...