WP User Frontend
weDevs
Developer
4.3.0
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
0 present
16 patched
8 Mitigation rules
- Broken Access Control vulnerability<= 4.2.823/03/2026
- Missing Authorization to Unauthenticated Arbitrary Post Modification via 'post_id' Parameter vulnerability<= 4.2.816/03/2026
- Broken Access Control vulnerability<= 4.2.510/03/2026
- Authenticated (Author+) Arbitrary File Upload vulnerability<= 4.2.827/02/2026
- Missing Authorization to Unauthenticated Arbitrary Attachment Deletion vulnerability<= 4.2.402/01/2026
- Broken Access Control Vulnerability<= 4.1.1222/09/2025
- Content Injection Vulnerability<= 4.1.1222/09/2025
- SQL Injection vulnerability<= 4.0.701/08/2024
- Malicious Polyfill.io Embed vulnerability<= 4.0.703/07/2024
- Authenticated Privilege Escalation vulnerability<= 3.6.509/11/2023
- Broken Access Control vulnerability<= 3.6.803/10/2023
- Cross-Site Request Forgery (CSRF) vulnerability<= 3.6.021/03/2023
- Obscure Registration as Admin vulnerability<= 3.5.2831/10/2022
- SQL Injection (SQLi) to Reflected Cross-Site Scripting (XSS)<= 3.5.2527/12/2021
- SQL Injection (SQLi) vulnerability<= 3.5.2318/11/2021
- Unrestricted File Upload<= 2.3.1008/02/2016