WordPress WP User Frontend plugin version 3.5.25 suffers from an authenticated remote SQL injection vulnerability. Continue reading...