WPFront User Role Editor — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in WPFront User Role Editor, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-60102	WordPress WPFront User Role Editor Plugin <= 4.2.3 - Cross Site Scripting (XSS) Vulnerability CWE-79	6.5	Medium	2025-09-26
CVE-2025-3064	WPFront User Role Editor <= 4.2.1 - Cross-Site Request Forgery to Privilege Escalation via whitelist_options Function CWE-352	8.8	High	2025-04-08
CVE-2024-2931	WPFront User Role Editor <= 3.2.1.11184 - Limited Information Exposure CWE-200	4.3	Medium	2024-04-02
CVE-2021-24984	WPFront User Role Editor < 3.2.1.11184 - Reflected Cross-Site Scripting CWE-79	6.1	-	2021-12-27

All 4 known CVE vulnerabilities affecting WPFront User Role Editor with full Chinese analysis, references, and POCs where available.