CVE-2026-39603

Summary: CVE-2026-39603 is a CSRF vulnerability in the WordPress theme “ThemeGoods Grand Photography grandphotography” affecting Grand Photography versions from n/a up to and including 5.7.8. The issue is a Cross-Site Request Forgery, with CVSS 3.1 base score 5.4 (Medium): network attacker, no pr...

EUVD-2024-28410

Malicious code in bioql PyPI...

EUVD-2023-12960

Malicious code in bioql PyPI...

CVE-2024-31362

Cross-Site Request Forgery CSRF vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8...

CVE-2023-0977

A heap-based overflow vulnerability in Trellix Agent Windows and Linux version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable...

CVE-2023-0975

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions...

CVE-2024-30491

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8...

CVE-2024-30490

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8...

PT-2025-1934 · WordPress · Shopping Cart & Ecommerce Store

Name of the Vulnerable Software and Affected Versions: The Shopping Cart & eCommerce Store plugin for WordPress versions up to, and including, 5.7.8 Description: The issue is related to a missing capability check on the webhook function, allowing unauthenticated attackers to modify order statuses...

CVE-2024-31362

CVE-2024-31362 is a CSRF vulnerability in ProfileGrid (Metagauss) affecting ProfileGrid versions up to 5.7.8. NVD CVSS v3.1 base score 8.8 (HIGH) with network attack vector, no user privileges, and required user interaction. Public remediation details are not provided in the documents; PatchStack...

WordPress ProfileGrid Plugin <= 5.7.8 is vulnerable to Cross Site Request Forgery (CSRF)

Software ProfileGrid Type Plugin Vulnerable versions = 5.7.8 Fixed in 5.7.9 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31362 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 56f2b8a25e3b Credits thiennv Required...

PT-2024-23416

Name of the Vulnerable Software and Affected Versions Metagauss ProfileGrid versions through 5.7.8 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting...