CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2 matches found

Patchstack•added 2025/12/31 12:0 a.m.•4 views

WordPress ProfileGrid plugin <= 5.9.4.4 - Missing Authorinzation to Authenticated (Subscriber+) Join Group Requests Management vulnerability

Missing Authorinzation to Authenticated Subscriber+ Join Group Requests Management vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin ProfileGrid versions = 5.9.4.4...

4.3CVSS5.9AI score0.00104EPSS

Exploits0References1Affected Software1

OSV•added 2025/03/22 5:15 a.m.•2 views

CVE-2025-1408

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pmdeclinejoingrouprequest and pmapprovejoingrouprequest functions in all versions up to, and including, 5.9.4.4. This makes it...

4.3CVSS5.8AI score0.00104EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by