WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Talk to sales
WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Talk to sales
WordPress Plugin Vulnerabilities
WP Frontend Profile
2023-07-18
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
No known fix
2022-02-28
Unauthorised AJAX Calls via Freemius
Fixed in version 1.2.6
2020-05-19
WP Frontend Profile < 1.2.2 - CSRF Check Incorrectly Implemented
Fixed in version 1.2.2
2016-09-14
WP Front End Profile <= 0.2.1 - Privilege Escalation & Stored Cross-Site Scripting (XSS)
Fixed in version 0.2.2
Fixed in version 0.2.2Fixed in version 0.2.2