WordPress Frontend Uploader plugin version 0.9.2 suffers from a cross site scripting vulnerability.