Lucene search
+L

5 matches found

NVD
NVD
added 2024/06/05 8:15 a.m.21 views

CVE-2024-5453

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...

4.3CVSS4.4AI score0.00351EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/05 7:34 a.m.22 views

CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...

4.3CVSS4.4AI score0.00351EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/06/05 7:34 a.m.16 views

CVE-2024-5453 ProfileGrid <= 5.8.6 - Missing Authorization

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdismissiblenotice and pmwizardupdategroupicon functions in all versions up to, and including, 5.8.6. This makes it possible fo...

4.3CVSS6.7AI score0.00351EPSS
Exploits0References4
CVE
CVE
added 2024/06/05 7:34 a.m.60 views

CVE-2024-5453

CVE-2024-5453 affects the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. It enables unauthorized data modification via a missing capability check in pm_dismissible_notice and pm_wizard_update_group_icon across all versions up to 5.8.6. Authentication required: attackers wit...

4.3CVSS4.8AI score0.00351EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/06/05 12:0 a.m.14 views

WordPress ProfileGrid Plugin <= 5.8.6 is vulnerable to Broken Access Control

Software ProfileGrid Type Plugin Vulnerable versions = 5.8.6 Fixed in 5.8.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5453 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cc4be9b4d163 Credits Lucio Sá Required privilege...

4.3CVSS6.6AI score0.00351EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder