Live Vulnerability Intelligence
Threat Database
Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.
Threat Entry
Updated 2026-04-08
CVE-2021-4383 - Wp Quick Front End Editor Plugin
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to page content injection in versions up to, and including, 5.5. This is due to missing capability checks in the plugin's page-editing functionality. This makes it possible for low-authenticated attackers, such as subscribers, to edit/create any page or post on the blog.
PLUGIN
Wp Quick Front End Editor
CVE-2021-4383
Risk Score
Threat Entry
Updated 2026-04-08
CVE-2021-4363 - Wp Quick Front End Editor Plugin
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 5.5 due to insufficient input sanitization and output escaping on the 'save_content_front' function that uses print_r on the user-supplied $_REQUEST values . This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
PLUGIN
Wp Quick Front End Editor
CVE-2021-4363
Risk Score
Threat Entry
Updated 2026-04-08
CVE-2021-4371 - Wp Quick Front End Editor Plugin
The WP Quick FrontEnd Editor plugin for WordPress is vulnerable to Setting Changs in versions up to, and including, 5.5. This is due to lacking both a security nonce and a capabilities check. This makes it possible for low-authenticated attackers to change plugin settings even when they do not have the capabilities to do so.
PLUGIN
Wp Quick Front End Editor
CVE-2021-4371
Risk Score