Rustaurius Front End Users

9 CVEs affecting Rustaurius Front End Users. Latest disclosed: 2025-10-22. Critical: 1, High: 1.

Top CVEs affecting Rustaurius Front End Users
CVESeverityScorePublishedSummary
CVE-2025-2005Critical9.82025-04-02The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registrat…
CVE-2024-7607High8.82024-08-29The Front End Users plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.2.28 due t…
CVE-2025-58235Medium6.52025-09-22Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Front End Users front-end-only-users allows St…
CVE-2025-26877Medium6.52025-02-25Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Front End Users front-end-only-users allows St…
CVE-2024-13563Medium6.42025-02-15The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's forgot-password shortcode in all versions up to, and inc…
CVE-2024-7606Medium6.42024-08-29The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'user-search' shortcode in all versions up to, and inclu…
CVE-2025-47580Medium5.42025-05-15Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users allows Exploiting Incorrectly Configured Access Control Security Levels…
CVE-2024-12410Medium4.92025-04-02The Front End Users plugin for WordPress is vulnerable to SQL Injection via the 'UserSearchField' parameter in all versions up to, and including, 3.2.32 due to…
CVE-2025-62072Medium4.32025-10-22Missing Authorization vulnerability in Rustaurius Front End Users front-end-only-users.This issue affects Front End Users: from n/a through <= 3.2.33.