A vulnerability was found in WP Front-End Login and Register Plugin up to 2.1.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument wpmp_reset_password_token leads to cross site scripting.

This vulnerability was named CVE-2024-11405. The attack can be initiated remotely. There is no exploit available.