The Front User Submit | Front Editor plugin for WordPress has a security issue in versions up to 3.8.4 that could potentially allow an attacker with subscriber-level permission or higher to inject malicious code into pages. This code could then be executed by any user who views the page. This security flaw is caused by insufficient input sanitization and output escaping.