CVE-2025-26877 Information

Description

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Rustaurius Front End Users allows Stored XSS. This issue affects Front End Users: from n/a through 3.2.30.

Reference

https://patchstack.com/database/wordpress/plugin/front-end-only-users/vulnerability/wordpress-front-end-users-plugin-3-2-30-cross-site-scripting-xss-vulnerability?_s_id=cve