Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/02/05 2:53 a.m.9 views

CVE-2024-6411

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the 'pmuploadimage' AJAX action. This makes it possible for authenticated...

8.8CVSS6.9AI score0.00768EPSS
Exploits0References1
circl
circl
added 2024/07/10 7:33 a.m.8 views

CVE-2024-6411

creationtimestamp| type| source ---|---|--- 2024-07-10 07:33:44+00:00| seen| https://t.me/cvedetector/507 2025-02-14 09:47:00+00:00| seen| Telegram/3nm-cCgCoeyH8a1WpJsfQVll0GJIaQ8Tul9DcmLIt0qLGT...

8.8CVSS5.1AI score0.00768EPSS
Exploits0References1
nvd
nvd
added 2024/07/10 5:15 a.m.34 views

CVE-2024-6411

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the 'pmuploadimage' AJAX action. This makes it possible for authenticated...

8.8CVSS0.00768EPSS
Exploits0References6
vulnrichment
vulnrichment
added 2024/07/10 4:31 a.m.23 views

CVE-2024-6411 ProfileGrid – User Profiles, Groups and Communities <= 5.8.9 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the 'pmuploadimage' AJAX action. This makes it possible for authenticated...

8.8CVSS6.9AI score0.00768EPSS
Exploits0References6
cvelist
cvelist
added 2024/07/10 4:31 a.m.43 views

CVE-2024-6411 ProfileGrid – User Profiles, Groups and Communities <= 5.8.9 - Authenticated (Subscriber+) Authorization Bypass to Privilege Escalation

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9. This is due to a lack of validation on user-supplied data in the 'pmuploadimage' AJAX action. This makes it possible for authenticated...

8.8CVSS0.00768EPSS
Exploits0References6
patchstack
patchstack
added 2024/07/09 12:0 a.m.21 views

WordPress ProfileGrid Plugin <= 5.8.9 is vulnerable to Privilege Escalation

Software ProfileGrid Type Plugin Vulnerable versions = 5.8.9 Fixed in 5.9.0 OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-6411 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID f89fa5a9e660 Credits Truoc Phan Required privilege...

8.8CVSS6.5AI score0.00768EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder