CVE Catalog
CVE-2026-57334
MediumCVSS 6.5Summary
The WP User Frontend plugin versions up to 4.3.7 contain a vulnerability allowing unauthenticated attackers to bypass access controls. This flaw enables unauthorized access to functions intended for authenticated users.
Risk Assessment
The risk involves potential unauthorized access to sensitive data or administrative functions by unauthenticated users. This could lead to information disclosure or privilege escalation within the WordPress system.
Recommendation
Immediately update the WP User Frontend plugin to the latest available version. Also review access control configurations and ensure no other vulnerable components remain.
Original NVD description (English source)
Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions.

