PT-2024-37604 · WordPress · Profilegrid
Name of the Vulnerable Software and Affected Versions: The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress versions up to, and including, 5.8.9 Description: The issue is due to a lack of validation on user-supplied data in the 'pm upload image' AJAX action, allowing...