WordPress ProfileGrid plugin <= 5.9.4.4 - Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests Management vulnerability

Missing Authorinzation to Authenticated Subscriber+ Join Group Requests Management vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ProfileGrid versions = 5.9.4.4...

Fedora 41 : socat (2025-4f0d6d3522)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-4f0d6d3522 advisory. - Update to 1.8.0.3 rhbz2307725 - Resolves: CVE-2024-54661 rhbz2330520 - Resolves: non-working ipv6-join-group option rhbz2352860 - Resolves: FTBFS in Fedora...

Fedora 43 : socat (2025-0d54679581)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-0d54679581 advisory. Automatic update for socat-1.8.0.3-1.fc43. Changelog Wed Aug 6 2025 Martin Osvald - 1.8.0.3-1 - Update to 1.8.0.3 rhbz2307725 - Resolves: CVE-2024-54661...

CVE-2025-1408

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdeclinejoingrouprequest and pmapprovejoingrouprequest functions in all versions up to, and including, 5.9.4.4. This makes it...

CVE-2024-34659

Exposure of sensitive information in GroupSharing prior to version 13.6.13.3 allows remote attackers can force the victim to join the group...

CVE-2024-34659

Exposure of sensitive information in GroupSharing prior to version 13.6.13.3 allows remote attackers can force the victim to join the group...

CVE-2018-19415

Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to joingroup.php or 2 commentid parameter to story.php...