5 matches found
CVE-2024-5453
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...
CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...
CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...
CVE-2024-5453
CVE-2024-5453 affects the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. It enables unauthorized data modification via a missing capability check in pm_dismissible_notice and pm_wizard_update_group_icon across all versions up to 5.8.6. Authentication required: attackers wit...
WordPress ProfileGrid Plugin <= 5.8.6 is vulnerable to Broken Access Control
Software ProfileGrid Type Plugin Vulnerable versions = 5.8.6 Fixed in 5.8.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5453 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cc4be9b4d163 Credits Lucio Sá Required privilege...