Wp User Frontend
Approved changes feed: RSS · Atom
cpe:2.3:a:wedevs:wp_user_frontend:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wedevs (74af2ef9-c755-5b07-93a2-5a3afa051904) |
|---|---|
| Product | Wp User Frontend (d2a0f906-290c-5cb2-85a2-5d41cf6634c1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/wedevsofficial/wp-user-frontend |
purl2cpe | 2026-06-01 10:15:48.868768 |
pkg:github/wp-plugins/wp-user-frontend |
purl2cpe | 2026-06-01 10:15:48.868770 |
pkg:github/wpplugins/wp-user-frontend |
purl2cpe | 2026-06-01 10:15:48.868773 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-42412 |
vulnerable | 2026-06-03 15:25:01.119386 |
WordPress WP User Frontend plugin <= 4.3.1 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects WP User Frontend: from n/a through 4.3.1.
Published: 2026-04-29T07:51:40.734Z
Updated: 2026-04-29T13:34:49.632Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-32485 |
vulnerable | 2026-06-03 15:20:43.082994 |
WordPress WP User Frontend plugin <= 4.2.8 - Broken Access Control vulnerability
HIGH (7.5)
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.2.8.
Published: 2026-03-25T16:14:58.069Z
Updated: 2026-04-29T09:52:00.195Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-24364 |
vulnerable | 2026-06-03 15:16:52.349453 |
WordPress WP User Frontend plugin <= 4.2.5 - Broken Access Control vulnerability
MEDIUM (6.5)
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.2.5.
Published: 2026-03-25T16:14:31.531Z
Updated: 2026-04-28T16:14:47.895Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-58673 |
vulnerable | 2026-06-03 15:06:22.311870 |
WordPress WP User Frontend Plugin <= 4.1.12 - Content Injection Vulnerability
MEDIUM (5.4)
Improper Control of Generation of Code ('Code Injection') vulnerability in weDevs WP User Frontend wp-user-frontend allows Code Injection.This issue affects WP User Frontend: from n/a through <= 4.1.12.
Published: 2025-09-22T18:22:52.728Z
Updated: 2026-05-12T00:59:28.051Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-58672 |
vulnerable | 2026-06-03 15:06:22.311446 |
WordPress WP User Frontend Plugin <= 4.1.12 - Broken Access Control Vulnerability
MEDIUM (5.4)
Missing Authorization vulnerability in weDevs WP User Frontend wp-user-frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through <= 4.1.12.
Published: 2025-09-22T18:22:53.444Z
Updated: 2026-05-13T10:38:22.225Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38693 |
vulnerable | 2026-06-03 14:56:19.327326 |
WordPress WP User Frontend plugin <= 4.0.7 - SQL Injection vulnerability
HIGH (7.6)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a through 4.0.7.
Published: 2024-08-29T14:05:53.853Z
Updated: 2026-04-28T16:10:04.726Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-47682 |
vulnerable | 2026-06-03 14:53:17.956089 |
WordPress WP User Frontend plugin <= 3.6.5 - Authenticated Privilege Escalation vulnerability
HIGH (7.2)
Improper Privilege Management vulnerability in weDevs WP User Frontend allows Privilege Escalation.This issue affects WP User Frontend: from n/a through 3.6.5.
Published: 2024-05-17T08:36:12.682Z
Updated: 2026-04-28T16:08:50.701Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-45002 |
vulnerable | 2026-06-03 14:53:07.251117 |
WordPress WP User Frontend plugin <= 3.6.8 - Broken Access Control vulnerability
MEDIUM (4.3)
Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP User Frontend: from n/a through 3.6.8.
Published: 2025-01-02T11:59:47.346Z
Updated: 2026-04-28T16:08:41.308Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.