VYPR

Frontend Post Submission Manager Lite

by WordPress

Source repositories

CVEs (4)

  • CVE-2026-1296MedFeb 18, 2026
    risk 0.40cvss 6.1epss 0.00

    The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Open Redirection in all versions up to, and including, 1.2.7 due to insufficient validation on the 'requested_page' POST parameter in the verify_username_password function. This makes it possible for…

  • CVE-2025-14080MedDec 21, 2025
    risk 0.34cvss 5.3epss 0.00

    The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.5. This is due to missing authorization checks on the post update functionality in the fpsml_form_process AJAX action. This makes it…

  • CVE-2024-8427MedSep 6, 2024
    risk 0.28cvss 4.3epss 0.00

    The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_global_settings and process_form_edit functions in all versions up to, and…

  • CVE-2025-14913MedDec 26, 2025
    risk 0.27cvss 5.3epss 0.00

    The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to an incorrect authorization check on the 'media_delete_action' function in all versions up to, and including, 1.2.6. This makes…