cleantalk
Vulnerabilities and Security Researches

Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor, CVE-2025-12569

CVE, Research URL

CVE-2025-12569

Home page URL

Security reports for Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor

Application

Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor

Published on
Nov 24, 2025
Research Description
The Guest posting / Frontend Posting / Front Editor WordPress plugin before 5.0.0 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue
Affected versions
max 5.0.0.
Status
vulnerable
Previous vulnerability researches
YITH PayPal Express Checkout for WooCommerce (CVE-2019-16251) , Jun 07, 2024
YITH PayPal Express Checkout for WooCommerce (CVE-2025-48111) , Jun 18, 2025
New vulnerability
Nelio Popups (CVE-2025-66111) , Dec 11, 2025
Vitepos – Point of sale (POS) plugin for WooCommerce (CVE-2025-13156) , Dec 11, 2025
SNORDIAN's H5PxAPIkatchu (CVE-2025-12904) , Dec 11, 2025
Share to Google Classroom (CVE-2025-12711) , Dec 11, 2025
Flickr Show (CVE-2025-12672) , Dec 11, 2025