CVE-2025-14047 | WP User Frontend Plugin up to 4.2.4 on WordPress Attachment Deletion submit_post authorization

Inserito da Angelo Barbosa | Gen 1, 2026 | CVE

A vulnerability labeled as critical has been found in WP User Frontend Plugin up to 4.2.4 on WordPress. The affected element is the function Frontend_Form_Ajax::submit_post of the component Attachment Deletion Handler. Such manipulation leads to missing authorization.

This vulnerability is documented as CVE-2025-14047. The attack can be executed remotely. There is not any exploit available.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

CVE-2025-14047 | WP User Frontend Plugin up to 4.2.4 on WordPress Attachment Deletion submit_post authorization

Post correlati

CVE-2025-49721 | Microsoft

CVE-2024-27570 | LBT T300-T390 2.2.1.8 HTTP POST Request generate_conf_router ApCliSsid stack-based overflow

CVE-2023-52027 | Totolink A3700R 9.1.2u.5822_B20200513 NTPSyncWithHost Privilege Escalation

CVE-2024-12844 | Emlog Pro up to 2.4.1 /admin/store.php tag cross site scripting