CVE-2024-13569 – Front End Users <= 3.2.32 - Reflected XSS

https://notcve.org/view.php?id=CVE-2024-13569

01 Apr 2025 — The Front End Users WordPress plugin through 3.2.32 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. El complemento Front End Users de WordPress hasta la versión 3.2.32 no depura ni escapa un parámetro antes de mostrarlo nuevamente en la página, lo que genera un Cross-Site Scripting reflejado que podría usarse contra usuarios con privilegios altos, como el administrador.... • https://wpscan.com/vulnerability/b9742440-0e36-4900-b58e-41c9854a62b2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •