WordPress · Wordpress · CVE-2026-2126
**Name of the Vulnerable Software and Affected Versions**
User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress versions prior to 20260114
**Description**
The plugin is susceptible to an authorization bypass. This is due to the `usp_get_submitted_category()` function improperly handling user-supplied category IDs received in the POST request body. Specifically, the function does not validate these IDs against the allowed categories configured by the administrator and stored in `usp_options['categories']`. This allows unauthenticated attackers to assign submitted posts to any category, including restricted ones, by manipulating the `user-submitted-category[]` values in a direct POST request, effectively bypassing frontend category restrictions.
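The server-side check whose absence is described above can be sketched as follows. This is an added example, not the plugin's own code or its actual fix; the function name `example_filter_submitted_categories` and the sample values are hypothetical. It keeps only those `user-submitted-category[]` values that appear on the administrator's allowlist.

```php
<?php
// Added illustration, not the plugin's code. The function name is hypothetical.

/**
 * Return only the submitted category IDs that the administrator has allowed.
 *
 * @param mixed $submitted Raw value of $_POST['user-submitted-category'] (untrusted).
 * @param array $allowed   Allowed category IDs, e.g. the stored categories option.
 * @return int[] Validated category IDs, deduplicated.
 */
function example_filter_submitted_categories($submitted, array $allowed): array
{
    // The form field is an array (user-submitted-category[]), but a direct
    // POST can send a scalar or nested arrays, so normalise first.
    if (!is_array($submitted)) {
        $submitted = [$submitted];
    }

    // Normalise the allowlist to positive integers once.
    $allowed_ids = array_filter(array_map('intval', $allowed), fn($id) => $id > 0);

    $valid = [];
    foreach ($submitted as $raw) {
        // Skip nested arrays and anything that is not a plain digit string.
        if (!is_scalar($raw) || !ctype_digit((string) $raw)) {
            continue;
        }
        $id = (int) $raw;
        // Strict comparison: only IDs on the allowlist survive.
        if (in_array($id, $allowed_ids, true)) {
            $valid[$id] = $id; // keyed by ID to drop duplicates
        }
    }
    return array_values($valid);
}

// Constructed sample data: the admin allows categories 3 and 7; the request
// body also carries 1 (not allowed), a non-numeric value, a nested array
// and a duplicate.
$allowed   = ['3', '7'];
$submitted = ['7', '1', '12abc', ['9'], '7'];

var_dump(example_filter_submitted_categories($submitted, $allowed));
```

If the filtered list comes back empty, the handler should fall back to a default category or reject the submission rather than trusting the original request values.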
**Recommendations**
Update to a version later than 20260113.