The Front User Submit | Front Editor plugin for WordPress is vulnerable to a security issue. Attackers with subscriber-level permissions and above can inject web scripts into pages that will run whenever a user visits an affected page. This security flaw is present in all versions up to and including 3.7.0 because of a lack of input sanitization and output escaping.