cleantalk
Vulnerabilities and Security Researches

WP User Frontend – Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submiss, CVE-2026-24364

CVE, Research URL

CVE-2026-24364

Home page URL

Security reports for WP User Frontend – Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submiss

Application

WP User Frontend – Registration, User Profile, Membership, Content Restriction, User Directory, and Frontend Post Submiss

Published on
Mar 25, 2026
Research Description
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.2.5.
Affected versions
max 4.2.5.
Status
vulnerable
Previous vulnerability researches
YayMail &#8211; WooCommerce Email Customizer (CVE-2026-27327) , Mar 29, 2026
New vulnerability
Scientific and Interactive Blocks &#8211; inseri core (CVE-2026-27344) , Mar 30, 2026
Advanced WooCommerce Product Sales Reporting &#8211; Statistics &amp; Forecast (CVE-2026-24993) , Mar 30, 2026
Product Feed for WooCommerce &#8211; Google Shops, Facebook Shop, TikTok, Instagram, and More (CVE-2026-22480) , Mar 30, 2026
WPCasa (CVE-2025-62043) , Mar 30, 2026
List category posts (CVE-2026-32419) , Mar 30, 2026