Lucene search
K

6 matches found

NVD
NVD
added 2026/03/16 2:19 p.m.6 views

CVE-2026-2233

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the draftpost function in all versions up to, and including, 4.2.8. This makes it...

5.3CVSS0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

WordPress plugin User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.9AI score0.00193EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/15 2:19 a.m.1 views

CVE-2026-2233 User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' Parameter

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the draftpost function in all versions up to, and including, 4.2.8. This makes it...

5.3CVSS5.9AI score0.00193EPSS
Exploits0References2
CVE
CVE
added 2026/03/15 2:19 a.m.9 views

CVE-2026-2233

The CVE CVE-2026-2233 affects the WordPress plugin User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration (wp-user-frontend). Multiple sources confirm a missing capability check in the draft_post() function that allows unauthenticated attackers to modi...

5.3CVSS5.9AI score0.00193EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/15 2:19 a.m.7 views

CVE-2026-2233

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the draftpost function in all versions up to, and including, 4.2.8. This makes it...

5.3CVSS5.9AI score0.00193EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/15 2:19 a.m.32 views

CVE-2026-2233 User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration <= 4.2.8 - Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' Parameter

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the draftpost function in all versions up to, and including, 4.2.8. This makes it...

5.3CVSS0.00193EPSS
Exploits0References2
Rows per page
Query Builder