Lucene search
K

159 matches found

EUVD
EUVD
added 2026/02/05 8:25 a.m.5 views

EUVD-2025-206868

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pmdeactivateuserfromgroup function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...

4.3CVSS5.5AI score0.00282EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/05 8:25 a.m.5 views

CVE-2025-13416 ProfileGrid – User Profiles, Groups and Communities <= 5.9.7.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary User Suspension

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on the pmdeactivateuserfromgroup function in all versions up to, and including, 5.9.7.2. This makes it possible for authenticated attackers,...

4.3CVSS5.5AI score0.00282EPSS
Exploits0References4
CVE
CVE
added 2026/02/05 8:25 a.m.31 views

CVE-2025-13416

The CVE-2025-13416 relates to the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. Affected versions are all up to and including 5.9.7.2. Root cause: missing capability check in the pm_deactivate_user_from_group() function, enabling authenticated users with Subscriber-level a...

4.3CVSS5.5AI score0.00282EPSS
Exploits0References4
Nuclei
Nuclei
added 2026/02/05 7:9 a.m.11 views

ProfileGrid <= 5.7.8 - SQL Injection

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.7.8 due to insufficient escaping on the user supplied 'search' parameter and lack of sufficient preparation on the existing SQL query. id: CVE-2024-30490...

9.8CVSS8.6AI score0.02267EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.4 views

PT-2026-6034

Name of the Vulnerable Software and Affected Versions ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions through 5.9.7.2 Description The ProfileGrid plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This is due to the update user meta...

5.3CVSS5.4AI score0.00315EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.14 views

PT-2026-5876

Name of the Vulnerable Software and Affected Versions ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions through 5.9.7.2 Description The ProfileGrid plugin for WordPress is susceptible to unauthorized user suspension. This occurs because of a missing capability chec...

4.3CVSS5.5AI score0.00282EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/01/09 9:12 a.m.8 views

CVE-2022-0233

The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pmuseravatar and pmcoverimage parameters found in the /admin/class-profile-magic-admin.php file which allows attackers with...

6.4CVSS5.7AI score0.009EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/12/31 12:0 a.m.7 views

WordPress ProfileGrid plugin <= 5.9.4.4 - Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests Management vulnerability

Missing Authorinzation to Authenticated Subscriber+ Join Group Requests Management vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ProfileGrid versions = 5.9.4.4...

4.3CVSS5.9AI score0.00276EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-49438

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.0033EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-15429

Malicious code in bioql PyPI...

6.4CVSS5.7AI score0.009EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44071

Malicious code in bioql PyPI...

4.9CVSS6.2AI score0.0056EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-4859

Malicious code in bioql PyPI...

4.3CVSS9.2AI score0.00265EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-47514

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00353EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-44960

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00646EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-46670

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00351EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-44349

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00692EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-44070

Malicious code in bioql PyPI...

5.4CVSS6AI score0.00467EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/26 8:31 a.m.10 views

CVE-2025-4957 WordPress ProfileGrid plugin <= 5.9.5.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Reflected XSS.This issue affects ProfileGrid : from n/a through = 5.9.5.7...

7.1CVSS0.00224EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/01 2:25 a.m.5 views

WordPress ProfileGrid plugin <= 5.9.5.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mohammed Ahmed Abd Elnabi in WordPress Plugin ProfileGrid versions = 5.9.5.7...

7.1CVSS6.1AI score0.00224EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/08/14 12:0 a.m.6 views

WordPress plugin ProfileGrid SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

8.5CVSS7.6AI score0.00243EPSS
Exploits0References1
Rows per page
Query Builder