8 matches found
CVE-2025-58235 WordPress Front End Users plugin <= 3.2.35 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Front End Users front-end-only-users allows Stored XSS.This issue affects Front End Users: from n/a through = 3.2.35...
CVE-2025-26877 WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rustaurius Front End Users front-end-only-users allows Stored XSS.This issue affects Front End Users: from n/a through = 3.2.30...
WordPress Front End Users Plugin <= 3.2.30 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by zaim Patchstack Alliance in WordPress Plugin Front End Users versions = 3.2.30...
CVE-2024-37218 WordPress Page Builder Sandwich <= 5.1.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich – Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0...
WordPress Front End Users Plugin <= 3.2.28 is vulnerable to SQL Injection
Software Front End Users Type Plugin Vulnerable versions = 3.2.28 Fixed in 3.2.29 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-7607 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 35067197eafa Credits Peter Thaleikis Required privilege Contributor...
WordPress Front End PM Plugin < 11.4.3 is vulnerable to Sensitive Data Exposure
Software Front End PM Type Plugin Vulnerable versions 11.4.3 Fixed in 11.4.3 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-4930 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID a8a31ca22e6b Credits Dmitrii Ignatyev Required...
Wordpress Front-end Editor File Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress Front-end Editor File Upload', 'Description' = %q The Wordpress Front-end Editor plugin contains an authenticated file...
WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload
WordPress Plugin Front End Upload 0.5.3 - Arbitrary File Upload Exploit Title: Wordpress front-end-upload 0.5.3 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/front-end-upload/ Date: 31/05/2012 Exploit Author: Adrien Thierry Vendor Homepage:...