3 matches found
CVE-2024-13741
creationtimestamp| type| source ---|---|--- 2025-02-18 02:16:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lig6xth45v2n 2025-02-18 03:37:46+00:00| seen| Telegram/0BhLOvAb471L82qKCBhbnkEB-YElpurWqcLeLJJElzeRNhcL 2025-02-18 05:05:50+00:00| seen|...
CVE-2024-13741
CVE-2024-13741 affects ProfileGrid – User Profiles, Groups and Communities (WordPress). The vulnerability is an authenticated SSRF via the plugin’s pm_upload_image function, exploitable by users with Subscriber-level access and above. The issue enables the attacker to issue web requests from the ...
CVE-2024-13741 ProfileGrid – User Profiles, Groups and Communities <= 5.9.4.2 - Authenticated (Subscriber+) Limited Server-Side Request Forgery
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Limited Server-Side Request Forgery in all versions up to, and including, 5.9.4.2 via the pmuploadimage function. This makes it possible for authenticated attackers, with Subscriber-level access and abov...