Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Frontend Dashboard by vinoth06

    CVE-2025-4474 (GCVE-0-2025-4474)

    Vulnerability from nvd – Published: 2025-05-13 06:40 – Updated: 2025-05-13 13:16
    VLAI
    Title
    Frontend Dashboard 1.0 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via fed_admin_setting_form_function Function
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin’s 'register' role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 1.0 , ≤ 2.2.7 (semver)
    Create a notification for this product.
    Credits
    Kenneth Dunn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T13:16:25.258309Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T13:16:32.178Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.7",
                  "status": "affected",
                  "version": "1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kenneth Dunn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin\u2019s \u0027register\u0027 role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-13T06:40:56.651Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb61159a-e501-4c55-a384-b6049e0f0bc8?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/frontend-dashboard/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/request/admin.php#L26"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/request/tabs/login.php#L14"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3290623/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-05-12T17:50:15.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard 1.0 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via fed_admin_setting_form_function Function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4474",
        "datePublished": "2025-05-13T06:40:56.651Z",
        "dateReserved": "2025-05-08T19:57:39.408Z",
        "dateUpdated": "2025-05-13T13:16:32.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4473 (GCVE-0-2025-4473)

    Vulnerability from nvd – Published: 2025-05-13 06:40 – Updated: 2025-05-13 13:53
    VLAI
    Title
    Frontend Dashboard 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 1.5.10 , ≤ 2.2.7 (semver)
    Create a notification for this product.
    Credits
    Kenneth Dunn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4473",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T13:53:31.291413Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T13:53:38.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.7",
                  "status": "affected",
                  "version": "1.5.10",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kenneth Dunn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-13T06:40:54.828Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f3a10b5-b024-4b3f-af67-b7fcb997d368?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/route/class-fed-request.php#L35"
            },
            {
              "url": "https://wordpress.org/plugins/frontend-dashboard/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/function-admin.php#L3055"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/layout/settings_tab/email/class-fed-email.php#L122"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3290623/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-05-12T17:49:56.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4473",
        "datePublished": "2025-05-13T06:40:54.828Z",
        "dateReserved": "2025-05-08T19:36:38.384Z",
        "dateUpdated": "2025-05-13T13:53:38.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4104 (GCVE-0-2025-4104)

    Vulnerability from nvd – Published: 2025-05-07 09:21 – Updated: 2025-05-07 13:29
    VLAI
    Title
    Frontend Dashboard 1.0 - 2.2.6 - Missing Authorization to Unauthenticated Privilege Escalation via fed_wp_ajax_fed_login_form_post Function
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator’s email and password, and elevate their privileges to that of an administrator.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 1.0 , ≤ 2.2.6 (semver)
    Create a notification for this product.
    Credits
    Kenneth Dunn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4104",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-07T13:27:29.659741Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-07T13:29:49.041Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.6",
                  "status": "affected",
                  "version": "1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kenneth Dunn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator\u2019s email and password, and elevate their privileges to that of an administrator."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-07T09:21:44.603Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31e518a9-316b-40a4-ada7-317fb2c16766?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/frontend-dashboard/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.6/includes/frontend/request/login/index.php#L21"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.6/includes/frontend/request/login/register.php#L16"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3288562/"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/frontend/request/login/validation.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-05-06T20:38:49.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard 1.0 - 2.2.6 - Missing Authorization to Unauthenticated Privilege Escalation via fed_wp_ajax_fed_login_form_post Function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4104",
        "datePublished": "2025-05-07T09:21:44.603Z",
        "dateReserved": "2025-04-29T23:31:17.147Z",
        "dateUpdated": "2025-05-07T13:29:49.041Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8268 (GCVE-0-2024-8268)

    Vulnerability from nvd – Published: 2024-09-10 02:05 – Updated: 2026-04-08 17:02
    VLAI
    Title
    Frontend Dashboard <= 2.2.4 - Authenticated (Subscriber+) Arbitrary Function Call
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to insufficient filtering on callable methods/functions via the ajax_request() function in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to call arbitrary functions that can be leverage for privilege escalation by changing user's passwords.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 0 , ≤ 2.2.4 (semver)
    Create a notification for this product.
    buffercode frontend_dashboard Affected: 0 , ≤ 2.2.4 (semver)
        cpe:2.3:a:buffercode:frontend_dashboard:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Lucio Sá
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:buffercode:frontend_dashboard:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "frontend_dashboard",
                "vendor": "buffercode",
                "versions": [
                  {
                    "lessThanOrEqual": "2.2.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8268",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:41:50.831201Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:43:09.485Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Lucio S\u00e1"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to insufficient filtering on callable methods/functions via the ajax_request() function in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to call arbitrary functions that can be leverage for privilege escalation by changing user\u0027s passwords."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:02:54.880Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d66694a-c99f-44f8-8004-1a47ad9f9250?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.4/route/class-fed-request.php#L29"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3147868/frontend-dashboard/tags/2.2.5/route/class-fed-request.php?old=3048034\u0026old_path=frontend-dashboard%2Ftags%2F2.2.4%2Froute%2Fclass-fed-request.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-09T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard \u003c= 2.2.4 - Authenticated (Subscriber+) Arbitrary Function Call"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-8268",
        "datePublished": "2024-09-10T02:05:10.921Z",
        "dateReserved": "2024-08-28T17:24:05.590Z",
        "dateUpdated": "2026-04-08T17:02:54.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4474 (GCVE-0-2025-4474)

    Vulnerability from cvelistv5 – Published: 2025-05-13 06:40 – Updated: 2025-05-13 13:16
    VLAI
    Title
    Frontend Dashboard 1.0 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via fed_admin_setting_form_function Function
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin’s 'register' role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 1.0 , ≤ 2.2.7 (semver)
    Create a notification for this product.
    Credits
    Kenneth Dunn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T13:16:25.258309Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T13:16:32.178Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.7",
                  "status": "affected",
                  "version": "1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kenneth Dunn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_admin_setting_form_function() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to overwrite the plugin\u2019s \u0027register\u0027 role setting to make new user registrations default to the administrator role, leading to an elevation of privileges to that of an administrator."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-13T06:40:56.651Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fb61159a-e501-4c55-a384-b6049e0f0bc8?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/frontend-dashboard/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/request/admin.php#L26"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/request/tabs/login.php#L14"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3290623/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-05-12T17:50:15.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard 1.0 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via fed_admin_setting_form_function Function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4474",
        "datePublished": "2025-05-13T06:40:56.651Z",
        "dateReserved": "2025-05-08T19:57:39.408Z",
        "dateUpdated": "2025-05-13T13:16:32.178Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4473 (GCVE-0-2025-4473)

    Vulnerability from cvelistv5 – Published: 2025-05-13 06:40 – Updated: 2025-05-13 13:53
    VLAI
    Title
    Frontend Dashboard 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 1.5.10 , ≤ 2.2.7 (semver)
    Create a notification for this product.
    Credits
    Kenneth Dunn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4473",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-13T13:53:31.291413Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-13T13:53:38.690Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.7",
                  "status": "affected",
                  "version": "1.5.10",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kenneth Dunn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the ajax_request() function in versions 1.0 to 2.2.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to control where the plugin sends outgoing emails. By pointing SMTP to their own server, attackers could capture password reset emails intended for administrators, and elevate their privileges for full site takeover."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-13T06:40:54.828Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2f3a10b5-b024-4b3f-af67-b7fcb997d368?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/route/class-fed-request.php#L35"
            },
            {
              "url": "https://wordpress.org/plugins/frontend-dashboard/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/function-admin.php#L3055"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/admin/layout/settings_tab/email/class-fed-email.php#L122"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3290623/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-05-12T17:49:56.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4473",
        "datePublished": "2025-05-13T06:40:54.828Z",
        "dateReserved": "2025-05-08T19:36:38.384Z",
        "dateUpdated": "2025-05-13T13:53:38.690Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4104 (GCVE-0-2025-4104)

    Vulnerability from cvelistv5 – Published: 2025-05-07 09:21 – Updated: 2025-05-07 13:29
    VLAI
    Title
    Frontend Dashboard 1.0 - 2.2.6 - Missing Authorization to Unauthenticated Privilege Escalation via fed_wp_ajax_fed_login_form_post Function
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator’s email and password, and elevate their privileges to that of an administrator.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 1.0 , ≤ 2.2.6 (semver)
    Create a notification for this product.
    Credits
    Kenneth Dunn
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4104",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-07T13:27:29.659741Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-07T13:29:49.041Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.6",
                  "status": "affected",
                  "version": "1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Kenneth Dunn"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a missing capability check on the fed_wp_ajax_fed_login_form_post() function in versions 1.0 to 2.2.6. This makes it possible for unauthenticated attackers to reset the administrator\u2019s email and password, and elevate their privileges to that of an administrator."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "CWE-285 Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-07T09:21:44.603Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/31e518a9-316b-40a4-ada7-317fb2c16766?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/frontend-dashboard/#developers"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.6/includes/frontend/request/login/index.php#L21"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.6/includes/frontend/request/login/register.php#L16"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3288562/"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.7/includes/frontend/request/login/validation.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-05-06T20:38:49.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard 1.0 - 2.2.6 - Missing Authorization to Unauthenticated Privilege Escalation via fed_wp_ajax_fed_login_form_post Function"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4104",
        "datePublished": "2025-05-07T09:21:44.603Z",
        "dateReserved": "2025-04-29T23:31:17.147Z",
        "dateUpdated": "2025-05-07T13:29:49.041Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-8268 (GCVE-0-2024-8268)

    Vulnerability from cvelistv5 – Published: 2024-09-10 02:05 – Updated: 2026-04-08 17:02
    VLAI
    Title
    Frontend Dashboard <= 2.2.4 - Authenticated (Subscriber+) Arbitrary Function Call
    Summary
    The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to insufficient filtering on callable methods/functions via the ajax_request() function in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to call arbitrary functions that can be leverage for privilege escalation by changing user's passwords.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    Impacted products
    Vendor Product Version
    vinoth06 Frontend Dashboard Affected: 0 , ≤ 2.2.4 (semver)
    Create a notification for this product.
    buffercode frontend_dashboard Affected: 0 , ≤ 2.2.4 (semver)
        cpe:2.3:a:buffercode:frontend_dashboard:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Lucio Sá
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:buffercode:frontend_dashboard:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "frontend_dashboard",
                "vendor": "buffercode",
                "versions": [
                  {
                    "lessThanOrEqual": "2.2.4",
                    "status": "affected",
                    "version": "0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-8268",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-10T13:41:50.831201Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-10T13:43:09.485Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Frontend Dashboard",
              "vendor": "vinoth06",
              "versions": [
                {
                  "lessThanOrEqual": "2.2.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Lucio S\u00e1"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Frontend Dashboard plugin for WordPress is vulnerable to unauthorized code execution due to insufficient filtering on callable methods/functions via the ajax_request() function in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to call arbitrary functions that can be leverage for privilege escalation by changing user\u0027s passwords."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:02:54.880Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/7d66694a-c99f-44f8-8004-1a47ad9f9250?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/frontend-dashboard/tags/2.2.4/route/class-fed-request.php#L29"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3147868/frontend-dashboard/tags/2.2.5/route/class-fed-request.php?old=3048034\u0026old_path=frontend-dashboard%2Ftags%2F2.2.4%2Froute%2Fclass-fed-request.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-09-09T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Frontend Dashboard \u003c= 2.2.4 - Authenticated (Subscriber+) Arbitrary Function Call"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-8268",
        "datePublished": "2024-09-10T02:05:10.921Z",
        "dateReserved": "2024-08-28T17:24:05.590Z",
        "dateUpdated": "2026-04-08T17:02:54.880Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }