Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor, e72f8a7922e4dddc62d7b6c3826258a9809f560a
- CVE, Research URL
- Home page URL
- Application
-
Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor
- Published on
- Jun 27, 2023
- Research Description
- Guest posting / Frontend Posting / Front Editor – WP Front User Submit [front-editor] < 3.8.5 WordPress WP Front User Submit / Front Editor Plugin <= 3.8.4 is vulnerable to Cross Site Scripting (XSS) Update the WordPress WP Front User Submit / Front Editor plugin to the latest available version (at least 3.8.5). WordFence discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress WP Front User Submit / Front Editor Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 3.8.5.
- Affected versions
-
max 3.8.5.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Elizaibots (CVE-2025-49893) , Aug 20, 2025 |
| Elizaibots (abcf8d2a13b3fd2324a04f9724e5ac9347743677) , Jun 16, 2026 |