7 matches found
CVE-2026-2494 ProfileGrid <= 5.9.8.2 - Cross-Site Request Forgery to Group Membership Request Approval/Denial
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...
CVE-2026-2494 ProfileGrid <= 5.9.8.2 - Cross-Site Request Forgery to Group Membership Request Approval/Denial
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...
CVE-2026-2494
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.9.8.2. This is due to missing nonce validation on the membership request management page approve and decline actions. This makes it...
EUVD-2022-2764
Malicious code in bioql PyPI...
CVE-2020-5502
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships...
CVE-2024-7296
An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which allowed a user with a custom permission to approve pending membership requests beyond the maximum number of allowed users...
GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE is a content management system from the American company GitLab. A security vulnerability exists in GitLab Enterprise Edition versions 16.5 through before 17.7.7, 17.8 through before 17.8.5, and 17.9 through before 17.9.2, which stems from the ability of a user with...