2 matches found
CVE-2022-0233
The CVE-2022-0233 issue affects the ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin. It is a Stored XSS vulnerability caused by insufficient escaping in the pm_user_avatar and pm_cover_image parameters within ~/admin/class-profile-magic-admin.php, exploitable by ...
CVE-2022-0233 ProfileGrid – User Profiles, Memberships, Groups and Communities <= 4.7.4 Authenticated Stored Cross-Site Scripting
The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pmuseravatar and pmcoverimage parameters found in the /admin/class-profile-magic-admin.php file which allows attackers with...