WordPress Frontend Admin by DynamiApps plugin <= 3.28.20 - Unauthenticated Arbitrary Options Update vulnerability

Unauthenticated Arbitrary Options Update vulnerability discovered by YCInfosec in WordPress Plugin Frontend Admin by DynamiApps versions = 3.28.20...

CVE-2025-57898

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jose Vega WP Frontend Admin display-admin-page-on-frontend allows Stored XSS.This issue affects WP Frontend Admin: from n/a through = 1.22.7...

CVE-2025-57898 WordPress WP Frontend Admin plugin <= 1.22.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jose Vega WP Frontend Admin display-admin-page-on-frontend allows Stored XSS.This issue affects WP Frontend Admin: from n/a through = 1.22.7...

CVE-2025-57898

CVE-2025-57898 is a Stored XSS in the WordPress plugin WP Frontend Admin (Display WP Admin Pages in the Frontend). Public docs show affected software: WP Frontend Admin

CVE-2025-49267 WordPress Frontend Admin by DynamiApps plugin <= 3.28.3 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shabti Kaplan Frontend Admin by DynamiApps acf-frontend-form-element allows Blind SQL Injection.This issue affects Frontend Admin by DynamiApps: from n/a through = 3.28.3...

CVE-2025-49267 WordPress Frontend Admin by DynamiApps <= 3.28.3 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shabti Kaplan Frontend Admin by DynamiApps allows Blind SQL Injection. This issue affects Frontend Admin by DynamiApps: from n/a through 3.28.3...

WordPress Frontend Admin by DynamiApps plugin <= 3.28.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Frissi0n in WordPress Plugin Frontend Admin by DynamiApps versions = 3.28.3...

WordPress plugin Frontend Admin by DynamiApps 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

WordPress Frontend Admin – Add and edit posts, pages, users and more all from the frontend Plugin <= 3.7.11 is vulnerable to Cross Site Scripting (XSS)

Software Frontend Admin – Add and edit posts, pages, users and more all from the frontend Type Plugin Vulnerable versions = 3.7.11 Fixed in 3.8.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim...