Medium 6.5
2025-09-26< 4.2.4
WPFront User Role Editor <= 4.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
WPFront User Role Editor
Minimum safe version
4.2.4
Update to 4.2.4 or later to address 5 fixable vulnerabilities
Latest available4.2.4 ✓
High 8.8
2025-04-08< 4.2.2
WordPress WPFront User Role Editor Plugin <= 4.2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Medium 4.3
2024-04-02< 4.1.0
CVE-2024-2931
N/A
2021-11-23< 3.2.1.11184
WPFront User Role Editor < 3.2.1.11184 - Reflected Cross-Site Scripting
Medium 6.1
2021-12-27< 3.2.1.11184
CVE-2021-24984