cleantalk
Vulnerabilities and Security Researches

Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite, CVE-2024-8427

CVE, Research URL

CVE-2024-8427

Home page URL

Security reports for Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite

Application

Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite

Published on
Sep 06, 2024
Research Description
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_global_settings and process_form_edit functions in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the plugin's settings and forms.
Affected versions
max 1.2.3.
Status
vulnerable
Previous vulnerability researches
Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite (CVE-2026-1296) , Apr 14, 2026
Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite (CVE-2025-14913) , Jan 11, 2026
Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite (CVE-2025-14080) , Jan 11, 2026
Frontend Posting WordPress Plugin – Frontend Post Submission Manager Lite (CVE-2024-8427) , Sep 07, 2024
New vulnerability
Photo Gallery by 10Web – Mobile-Friendly Image Gallery (CVE-2026-1036) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-1320) , Apr 15, 2026
Secure Copy Content Protection and Content Locking (CVE-2026-2367) , Apr 15, 2026
Post Grid, Post Carousel, & List Category Posts – by Smart Post Show (CVE-2026-3017) , Apr 15, 2026
Japanized For WooCommerce (CVE-2026-1305) , Apr 15, 2026