2 matches found
CVE-2024-10900
CVE-2024-10900 affects the ProfileGrid – User Profiles, Groups and Communities plugin for WordPress. The issue is a Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion due to a missing capability check in pm_remove_file_attachment(). Affected versions are all up to a...
WordPress ProfileGrid Plugin <= 5.9.3.6 is vulnerable to Broken Access Control
Software ProfileGrid Type Plugin Vulnerable versions = 5.9.3.6 Fixed in 5.9.3.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10900 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e7fdd2a43e49 Credits 1337Wannabe Required...