N/A
2026-03-25< 3.28.32
Frontend Admin by DynamiApps <= 3.28.31 - Authenticated (Editor+) PHP Object Injection via 'post_content' of Admin Form Posts
Frontend Admin by DynamiApps
Minimum safe version
3.28.32
Update to 3.28.32 or later to address 18 fixable vulnerabilities
Latest available3.29.3 ✓
Critical 9.8
2026-01-09< 3.28.30
CVE-2025-14736
Critical 9.1
2026-01-09< 3.28.26
CVE-2025-14741
High 7.2
2026-01-09< 3.28.24
CVE-2025-14937
Critical 9.8
2025-12-03< 3.28.21
CVE-2025-13342
High 8.5
2025-08-14< 3.28.5
CVE-2025-49267
Medium 6.8
2025-07-04< 3.28.8
CVE-2025-49303
High 7.1
2025-02-25< 3.25.18
CVE-2025-26987
Medium 5.9
2024-12-21< 3.25.2
CVE-2024-11722
High 8.1
2024-12-14< 3.25.1
CVE-2024-11721
High 7.2
2024-12-14< 3.25.1
CVE-2024-11720
Medium 6.3
2024-10-16< 3.3.33
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Critical 9.8
2024-05-02< 3.19.5
CVE-2024-3729
Critical 10.0
2024-12-27< 3.18.4
WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload
N/A
2023-07-19< 3.8.0
WordPress ACF Frontend – Add and edit posts, pages, users and more all from the frontend Plugin <= 3.7.11 is vulnerable to Cross Site Scripting (XSS)
N/A
2022-03-04< 3.3.33
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 3.3.33
WordPress "ACF Frontend – Add and edit posts, pages, users and more all from the frontend" plugin < 3.3.33 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 3.3.33
WordPress "ACF Frontend – Add and edit posts, pages, users and more all from the frontend" plugin < 3.3.33 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability