N/A
2026-03-06< 1.3.9
WP Frontend Profile <= 1.3.8 - Cross-Site Request Forgery to Unauthorized User Account Approval or Rejection
WP Frontend Profile
Minimum safe version
1.3.9
Update to 1.3.9 or later to address 12 fixable vulnerabilities
Latest available1.3.9 ✓Affected up to1.2.5 ⚠⚠ 1 vulnerability has no fix
Medium 5.3 Unfixed
2026-04-08≤ 1.3.9
CVE-2026-39688
Medium 6.3
2024-10-16< 1.2.6
Freemius SDK <= 2.4.2 - Missing Authorization Checks
Critical 9.8
2024-12-27< 1.3.2
WordPress WP Frontend Profile Plugin <= 1.3.1 is vulnerable to Privilege Escalation
N/A
< 1.2.2
WP Frontend Profile < 1.2.2 - CSRF Check Incorrectly Implemented
N/A
2023-07-18< 1.3.1
WordPress WP Frontend Profile Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)
N/A
2020-05-19< 1.2.2
WP Frontend Profile <= 1.2.1 - Cross-Site Request Forgery
N/A
2022-03-04< 1.2.5
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2016-09-14< 0.2.2
WordPress Front End Profile Plugin <= 0.2.1 - Multiple Vulnerabilities
N/A
2020-05-19< 1.2.2
WordPress WP Frontend Profile plugin <= 1.2.1 - Nonce Security Issue vulnerability
N/A
2022-02-28< 1.2.6
WordPress WP Frontend Profile plugin <= 1.2.5 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28≤ 1.2.5
WordPress WP Frontend Profile plugin <= 1.2.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Medium 6.1
2019-08-21< 0.2.2
CVE-2019-15110
Critical 9.8
2019-08-21< 0.2.2
CVE-2019-15111