Skip to content

Security data

Weaknesses (CWE)The MITRE CWE weakness catalog
Attack Patterns (CAPEC)MITRE CAPEC attack patterns
CNAsNumbering authorities + report cards
VendorsVulnerabilities by vendor

Tools

CVSS CalculatorScore CVSS 4.0, 3.1, 3.0 & 2.0

Resources

LearnPlain-English security guides
Data SourcesHow we source CVE data

About Us Blog Pricing Book a Demo

Log in

RadicalNotion.AI

We do not sell or share your personal information

© 2026 RadicalNotion.AI

Security Data

CWE Directory
CAPEC Directory
CNA Directory
CNA Report Cards
Data Sources

Calculators

CVSS Calculator
CVSS 4.0
CVSS 3.1
CVSS 3.0
CVSS 2.0

Platform

My Vulnerabilities
Insights
Notifications
Account
Pricing

Company

About us
Blog
Learn
Book a demo

Get Started

Sign up
Log in

Legal

Privacy
Terms

Home
Vendors
Wpshuffle

wpshuffle Vulnerabilities: CVEs, CISA KEV & Security Advisories

10 CVEs

wpshuffle Vulnerabilities

CVE security advisories and vulnerability history for wpshuffle.

10

Total CVEs

Published

0

In CISA KEV

Exploited in the wild

0

Public exploits

With known exploit

5.9

Avg CVSS

2024–2026

Overview

wpshuffle has 10 published CVE records since 2024, of which 0 are in CISA's Known Exploited Vulnerabilities catalog and 0 have a known public exploit. The average CVSS base score across scored CVEs is 5.9.

This page aggregates every publicly disclosed vulnerability (CVE) affecting wpshuffle products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of wpshuffle's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical1

High2

Medium7

Low0

In CISA’s Known Exploited Vulnerabilities catalog

0

None of wpshuffle's CVEs are currently listed in CISA's KEV catalog.

Public exploits

0

No wpshuffle CVEs currently have a tracked public exploit.

Most affected products

The wpshuffle products with the most published CVEs.

Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin4 CVEs
Subscribe to Download3 CVEs
Subscribe To Unlock2 CVEs
frontend post submission manager1 CVEs
WP Subscription Forms PRO1 CVEs

Common weakness types

The CWE weakness categories most often found in wpshuffle CVEs. Follow any weakness for its full explanation.

CWE-862Missing Authorization6 CVEs
CWE-98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')2 CVEs
CWE-502Deserialization of Untrusted Data1 CVE
CWE-601URL Redirection to Untrusted Site ('Open Redirect')1 CVE

CNAs that assign these CVEs

The CVE Numbering Authorities that publish wpshuffle CVE records.

Patchstack6 CVEs
Wordfence4 CVEs

Disclosure activity by year

How many wpshuffle CVEs were published each year.

2024

1

2025

8

2026

1

Latest wpshuffle CVEs

The most recently disclosed vulnerabilities affecting wpshuffle.

Frontend Post Submission Manager Lite <= 1.2.7 - Unauthenticated Open Redirect via 'requested_page' Parameter
CWE-601
Medium · CVSS 6.1
EPSS 0.4%2026-02-18
Frontend Post Submission Manager Lite <= 1.2.6 - Incorrect Authorization to Unauthenticated Arbitrary Attachment Deletion
CWE-862
Medium · CVSS 5.3
EPSS 0.0%2025-12-25
Frontend Post Submission Manager Lite <= 1.2.5 - Missing Authorization to Unauthenticated Arbitrary Post Modification
CWE-862
Medium · CVSS 5.3
EPSS 0.1%2025-12-21
WordPress Subscribe to Download plugin <= 2.0.9 - PHP Object Injection vulnerability
CWE-502
Critical · CVSS 9.8
EPSS 0.1%2025-10-22
WordPress WP Subscription Forms PRO Plugin <= 2.0.5 - Arbitrary Content Deletion Vulnerability
CWE-862
Medium · CVSS 4.3
EPSS 0.0%2025-09-26
WordPress Subscribe To Unlock Plugin <= 1.1.5 - Local File Inclusion Vulnerability
CWE-98
High · CVSS 7.5
EPSS 0.1%2025-09-26
WordPress Subscribe To Unlock Plugin <= 1.1.5 - Broken Access Control Vulnerability
CWE-862
Medium · CVSS 4.3
EPSS 0.0%2025-09-26
WordPress Subscribe to Download plugin <= 2.0.9 - Local File Inclusion vulnerability
CWE-98
High · CVSS 7.5
EPSS 0.1%2025-09-26
WordPress Subscribe to Download plugin <= 2.0.9 - Broken Access Control vulnerability
CWE-862
Medium · CVSS 4.3
EPSS 0.0%2025-09-26
Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin <= 1.2.2 - Missing Authorization to Authenticated (Subscriber+) Settings Update
CWE-862
Medium · CVSS 4.3
EPSS 0.1%2024-09-06

Track new wpshuffle CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor wpshuffle CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

microsoft24,097 CVEs Linux19,131 CVEs google14,281 CVEs apple14,019 CVEs oracle10,440 CVEs debian10,201 CVEs IBM8,265 CVEs Adobe7,222 CVEs

Browse all vendors

Frequently asked questions

Common questions about wpshuffle vulnerabilities.

How many CVEs does wpshuffle have?

wpshuffle has 10 published CVE records since 2024, including 9 in the last two years.

How many wpshuffle CVEs are in CISA KEV?

None of wpshuffle's CVEs are currently listed in CISA's Known Exploited Vulnerabilities catalog.

Which wpshuffle products have the most CVEs?

The wpshuffle products with the most published CVEs are Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin, Subscribe to Download, Subscribe To Unlock, frontend post submission manager, WP Subscription Forms PRO.

What are the most common weakness types in wpshuffle CVEs?

wpshuffle's CVEs most often map to these CWE weakness types: CWE-862 (Missing Authorization), CWE-98 (Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')), CWE-502 (Deserialization of Untrusted Data), CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')).

Are there public exploits for wpshuffle vulnerabilities?

No wpshuffle CVEs currently have a tracked public exploit in this dataset.

How many critical wpshuffle vulnerabilities are there?

wpshuffle has 1 critical and 2 high-severity CVEs.

What is the average severity of wpshuffle CVEs?

The average CVSS base score across wpshuffle's scored CVEs is 5.9.

References

The MITRE CVE Program (opens in a new tab)
Learn: What is a CVE?
CWE directory: the weakness types these CVEs map to
CNA directory: the CNAs that assign these CVEs

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track wpshuffle vulnerabilities

Monitor new wpshuffle vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing

On this page

Overview
Severity and exploitation
Most affected products
Common weakness types
Assigning CNAs
Disclosure activity
Latest CVEs
Other vendors
FAQ
References