CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

WordPress User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin <= 4.3.2 - Missing Authorization to Authenticated (Subscriber+) Subscription Pack Cancellation vulnerability

Missing Authorization to Authenticated Subscriber+ Subscription Pack Cancellation vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin WP User Frontend versions = 4.3.2...

4.3CVSS5.5AI score0.00026EPSS

Exploits0References1Affected Software1

NVD•added 2026/04/29 9:16 a.m.•2 views

CVE-2026-42412

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.3.1...

6.5CVSS0.00054EPSS

Exploits0References1

EUVD•added 2026/04/29 7:51 a.m.•1 views

EUVD-2026-26195

Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from n/a through 4.3.1...

6.5CVSS5.1AI score0.00054EPSS

Exploits0References1

Positive Technologies•added 2026/04/29 12:0 a.m.•2 views

PT-2026-35880

Name of the Vulnerable Software and Affected Versions weDevs WP User Frontend versions prior to 4.3.2 Description A missing authorization issue exists due to incorrectly configured access control security levels. Recommendations Update to a version newer than 4.3.1...

6.5CVSS5.2AI score0.00054EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-30545

Malicious code in bioql PyPI...

5.4CVSS6.5AI score0.0005EPSS

Exploits0References2

NVD•added 2025/09/22 7:16 p.m.•1 views

CVE-2025-58672

Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through = 4.1.12...

5.4CVSS0.00069EPSS

Exploits0References1

Cvelist•added 2025/09/22 6:22 p.m.•8 views

CVE-2025-58673 WordPress WP User Frontend Plugin <= 4.1.12 - Content Injection Vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through = 4.1.12...

5.4CVSS0.0005EPSS

Exploits0References1

CNNVD•added 2024/08/29 12:0 a.m.•1 views

WordPress plugin WP User Frontend SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

7.6CVSS7.7AI score0.00754EPSS

Exploits0References2

Packet Storm•added 2022/02/21 12:0 a.m.•276 views

WordPress WP User Frontend 3.5.25 SQL Injection

Exploit Title: WordPress Plugin WP User Frontend 3.5.25 - SQLi Authenticated Date 20.02.2022 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://wedevs.com/ Software Link: https://downloads.wordpress.org/plugin/wp-user-frontend.3.5.25.zip Version: 3.5.25 Tested on: Ubuntu 20.04 CVE:...

8.8CVSS8.8AI score0.52332EPSS

Exploits6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by