CVE-2026-4058
Status: Deferred - Pending Action

Unauthorized Subscription Cancellation in User Frontend WordPress Plugin

Vulnerability report for CVE-2026-4058, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-09

Last updated on: 2026-06-09

Assigner: Wordfence

Description

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the user_subscription_cancel() function in all versions up to, and including, 4.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to cancel any user's subscription pack, including administrators.
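The pattern behind CWE-862 in a WordPress plugin, shown below as an added illustration and not as code from the User Frontend plugin (the advisory does not reproduce user_subscription_cancel()): a logged-in-only AJAX handler that accepts a user ID from the request and acts on it without asking whether the caller may act on that account. The hook names prefixed uf_demo_, the AJAX action strings, the `_uf_demo_subscription_pack` meta key and the choice of `edit_users` as the privileged capability are assumptions for the example; the WordPress API calls (add_action, check_ajax_referer, current_user_can, get_current_user_id, delete_user_meta, wp_send_json_*) are real core functions.

```php
<?php
/**
 * Illustration of a missing authorization check (CWE-862) in a WordPress
 * AJAX handler, with a hardened counterpart. Hypothetical code: the
 * uf_demo_* names, action strings and meta key are assumptions, not the
 * User Frontend plugin's own identifiers.
 */

// --- Vulnerable pattern ---
// wp_ajax_* actions only fire for authenticated users, which is exactly the
// "Subscriber-level access and above" precondition in the advisory. Nothing
// below checks WHICH user is calling or WHOSE pack is being cancelled.
add_action( 'wp_ajax_uf_demo_cancel_subscription_vuln', 'uf_demo_cancel_vulnerable' );
function uf_demo_cancel_vulnerable() {
    // Attacker-controlled target: any user ID the request names.
    $user_id = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;

    // No nonce, no capability check, no ownership check.
    delete_user_meta( $user_id, '_uf_demo_subscription_pack' );
    wp_send_json_success( array( 'cancelled' => $user_id ) );
}

// --- Hardened pattern ---
add_action( 'wp_ajax_uf_demo_cancel_subscription', 'uf_demo_cancel_hardened' );
function uf_demo_cancel_hardened() {
    // CSRF defence in depth (not the flaw the advisory describes): the request
    // must carry a nonce minted for this user and this action, e.g. from
    // wp_create_nonce( 'uf_demo_cancel_subscription' ) on the front end.
    check_ajax_referer( 'uf_demo_cancel_subscription', '_ajax_nonce' );

    $requested = isset( $_POST['user_id'] ) ? absint( $_POST['user_id'] ) : 0;
    $target    = uf_demo_resolve_target( $requested, get_current_user_id() );
    if ( is_wp_error( $target ) ) {
        // 403 so the client and the web-server logs record a refused action.
        wp_send_json_error( array( 'message' => $target->get_error_message() ), 403 );
    }

    delete_user_meta( $target, '_uf_demo_subscription_pack' );
    wp_send_json_success( array( 'cancelled' => $target ) );
}

/**
 * The authorization decision, kept separate so it can be unit-tested.
 * Rule: a user may cancel their own pack; cancelling anyone else's requires
 * a privileged capability ('edit_users' here, an assumed policy choice).
 *
 * @param int $requested_id User ID from the request (0 = none supplied).
 * @param int $current_id   ID of the authenticated caller.
 * @return int|WP_Error     The user ID that may be acted on, or an error.
 */
function uf_demo_resolve_target( $requested_id, $current_id ) {
    if ( 0 === $current_id ) {
        return new WP_Error( 'not_logged_in', 'Authentication required.' );
    }

    // Default to the caller's own account when no target is supplied.
    $target = $requested_id > 0 ? $requested_id : $current_id;

    // The check the vulnerable handler lacks: acting on another account
    // must be tied to a capability, not to mere authentication.
    if ( $target !== $current_id && ! current_user_can( 'edit_users' ) ) {
        return new WP_Error( 'forbidden', 'You may only cancel your own subscription.' );
    }

    if ( ! get_userdata( $target ) ) {
        return new WP_Error( 'no_such_user', 'Unknown user.' );
    }

    return $target;
}
```

When reviewing a plugin for this class of bug, look for every `wp_ajax_*`, `admin_post_*` or REST route callback that reads a user ID, post ID or similar object identifier from the request and then ask two questions: does it verify the caller's capability, and does it verify that the identifier belongs to the caller (or that the capability permits acting on other users' objects)? Authentication alone, which `wp_ajax_*` already enforces, answers neither.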

Meta Information

Published: 2026-06-09
Last Modified: 2026-06-09
Generated: 2026-06-29
AI Q&A: 2026-06-09
EPSS Evaluated: 2026-06-28
External entries: NVD, EUVD

Affected Vendors & Products

Showing 2 associated CPEs

Vendor             Product            Version / Range
wp_user_frontend   wp_user_frontend   up to and including 4.3.2
wordfence          user_frontend      up to and including 4.3.2

Exploitability

CWE: CWE-862 (Missing Authorization). The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
KEV: no entry shown on this page.


Executive Summary

The vulnerability exists in the User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress. It is caused by a missing capability check in the user_subscription_cancel() function in all versions up to and including 4.3.2.

This flaw allows authenticated attackers who have Subscriber-level access or higher to cancel any user's subscription pack, including those of administrators, without proper authorization.

Impact Analysis

An attacker with Subscriber-level access or above can invoke the affected function against any user ID and cancel that user's subscription pack, including an administrator's. Because WordPress assigns the Subscriber role to self-registered accounts by default, a site that allows open registration effectively exposes this to anyone who can create an account.

This is an integrity flaw (CWE-862): it does not disclose data or grant the attacker higher privileges, but it lets a low-privileged account revoke paid or role-gated access for any user it can name. The practical result is disruption of subscription-based features and billing and support clean-up for administrators.

Mitigation Strategies

All versions of the User Frontend plugin up to and including 4.3.2 are affected. Update to a release later than 4.3.2 in which the capability check has been added; this page does not name the fixed release, so confirm the installed version against the plugin's changelog after updating.

Until the update is applied, limit who holds Subscriber-level access: disable self-registration (Settings > General > "Anyone can register") if the site does not need it, review existing Subscriber accounts, and treat every account that can log in, not only trusted staff, as able to trigger the cancellation.

Compliance Impact

This vulnerability allows authenticated users with Subscriber-level access and above to cancel any user's subscription pack, including administrators, due to a missing capability check. While the CVE description does not explicitly mention compliance with standards such as GDPR or HIPAA, unauthorized modification of user subscription data could potentially lead to violations of data integrity and access control requirements mandated by these regulations.

Specifically, unauthorized changes to user data may undermine principles of data protection and accountability, which are core to GDPR and HIPAA compliance. Organizations relying on this plugin should consider the risk of unauthorized data modification as a compliance concern and apply appropriate mitigations.
