CVE-2025-47580

Missing Authorization vulnerability in Rustaurius Front End Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Front End Users: from n/a through 3.2.32...

CVE-2025-2005

The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and including, 3.2.32. This makes it possible for unauthenticated attackers to upload arbitrary files on t...

CVE-2024-12410

The Front End Users plugin for WordPress is vulnerable to SQL Injection via the 'UserSearchField' parameter in all versions up to, and including, 3.2.32 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

CVE-2024-12410

CVE-2024-12410 involves the Front End Users WordPress plugin. It is vulnerable to SQL Injection via the UserSearchField parameter in all versions up to and including 3.2.32 due to insufficient escaping and lack of proper SQL query preparation. This allows unauthenticated attackers to append extra...

PT-2025-14471 · WordPress · Front End Users

Name of the Vulnerable Software and Affected Versions: Front End Users plugin for WordPress versions up to, and including, 3.2.32 Description: The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the...

WordPress plugin Front End Users 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...

WordPress Front-End Users 3.2.32 Shell Upload

WordPress Front-End Users plugin versions 3.2.32 and below suffer from a remote shell upload vulnerability...