Metagauss >> Profilegrid >> 1.3.3 Security Vulnerabilities
The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not implement proper authorization. This allows a user with low privileges, such as subscriber, to change the password of any account, including Administrator ones.
CVSS Score: 8.8
EPSS Score: 0.002
Published: 2023-03-20
Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.
CVSS Score: 6.5
EPSS Score: 0.002
Published: 2022-11-17
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.
CVSS Score: 6.1
EPSS Score: 0.088
Published: 2022-11-14
The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pm_user_avatar and pm_cover_image parameters found in the ~/admin/class-profile-magic-admin.php file which allows attackers with authenticated user access, such as subscribers, to inject arbitrary web scripts into their profile, in versions up to and including 1.2.7.
CVSS Score: 6.4
EPSS Score: 0.002
Published: 2022-01-18
The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via a wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code.
CVSS Score: 8.8
EPSS Score: 0.1
Published: 2019-09-03

