Show filters
32 Total Results
Displaying 11-20 of 32
Sort by:
Attacker Value
Unknown
CVE-2024-5453
Disclosure Date: June 05, 2024 (last updated February 26, 2025)
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_dismissible_notice and pm_wizard_update_group_icon functions in all versions up to, and including, 5.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change arbitrary options to the value '1' or change group icons.
0
Attacker Value
Unknown
CVE-2024-32774
Disclosure Date: May 17, 2024 (last updated February 26, 2025)
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality.This issue affects ProfileGrid : from n/a through 5.8.2.
0
Attacker Value
Unknown
CVE-2024-3606
Disclosure Date: May 02, 2024 (last updated February 26, 2025)
The ProfileGrid – User Profiles, Memberships, Groups and Communities plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the pm_upload_cover_image function in all versions up to, and including, 5.8.3. This makes it possible for authenticated attackers, with subscriber access or higher, to delete attachments.
0
Attacker Value
Unknown
CVE-2024-32808
Disclosure Date: April 24, 2024 (last updated February 26, 2025)
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
0
Attacker Value
Unknown
CVE-2024-32772
Disclosure Date: April 24, 2024 (last updated February 26, 2025)
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
0
Attacker Value
Unknown
CVE-2024-31362
Disclosure Date: April 12, 2024 (last updated February 26, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
0
Attacker Value
Unknown
CVE-2024-31291
Disclosure Date: April 07, 2024 (last updated February 26, 2025)
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6.
0
Attacker Value
Unknown
CVE-2024-30513
Disclosure Date: March 29, 2024 (last updated February 26, 2025)
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.2.
0
Attacker Value
Unknown
CVE-2024-30491
Disclosure Date: March 29, 2024 (last updated February 26, 2025)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
0
Attacker Value
Unknown
CVE-2024-30490
Disclosure Date: March 29, 2024 (last updated February 26, 2025)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
0