N/A
2026-03-12< 5.0.6
Guest posting / Frontend Posting / Front Editor – WP Front User Submit < 5.0.6 - Unauthenticated Information Exposure
Guest posting / Frontend Posting / Front Editor – WP Front User Submit
Minimum safe version
5.0.6
Update to 5.0.6 or later to address 15 fixable vulnerabilities
Latest available5.0.6 ✓⚠ 2 vulnerabilities have no fix
Medium 5.3
2026-01-07< 5.0.1
CVE-2025-13419
Medium 4.7
2025-11-24< 5.0.0
CVE-2025-12569
High 7.1
2025-06-27< 4.9.4
CVE-2025-28988
High 7.1 Unfixed
2025-06-20≤ 5.0.6
WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Request Forgery (CSRF) vulnerability
Medium 5.9 Unfixed
2025-05-07≤ 5.0.6
WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Scripting (XSS) vulnerability
Medium 6.3
2024-10-16< 3.4.1
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Medium 4.4
2024-05-02< 4.4.8
CVE-2024-2967
Medium 4.8
2023-08-30< 4.0.4
CVE-2023-1982
N/A
2023-07-18< 4.0.4
WordPress WP Front User Submit / Front Editor Plugin <= 4.0.0 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-06-27< 3.8.5
WordPress WP Front User Submit / Front Editor Plugin <= 3.8.4 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-06-27< 3.8.5
Front User Submit | Front Editor <= 3.8.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting
N/A
2023-06-13< 3.8.0
WordPress WP Front User Submit / Front Editor Plugin < 3.8.0 is vulnerable to Cross Site Scripting (XSS)
N/A
2023-06-12< 3.8.0
Front User Submit | Front Editor <= 3.7.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting
N/A
2022-03-04< 3.4.1
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2022-02-28< 3.4.1
WordPress Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor plugin <= 3.4.0 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 3.4.1
WordPress Guest posting / Frontend Posting wordpress plugin – WP Front User Submit / Front Editor plugin <= 3.4.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability