The Front End PM plugin for WordPress has a security issue in all versions up to 11.4.3. This means that unauthenticated attackers (people who are not authorized to access the information) can view confidential data, such as files attached to private messages. This issue needs to be fixed as soon as possible.