Medium severity5.3NVD Advisory· Published Dec 26, 2025· Updated Apr 15, 2026
CVE-2025-14913
CVE-2025-14913
Description
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to an incorrect authorization check on the 'media_delete_action' function in all versions up to, and including, 1.2.6. This makes it possible for unauthenticated attackers to delete arbitrary attachments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.2.6
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.