Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

ProfileGrid — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in ProfileGrid, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPaused
CVE-2026-25417 WordPress ProfileGrid plugin <= 5.9.8.1 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2026-03-25
CVE-2025-4957 WordPress ProfileGrid plugin <= 5.9.5.7 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2025-09-26
CVE-2025-49033 WordPress ProfileGrid plugin <= 5.9.5.3 - SQL Injection vulnerability CWE-89 8.5 High2025-08-14
CVE-2025-49876 WordPress ProfileGrid plugin <= 5.9.5.2 - SQL Injection vulnerability CWE-89 8.5 High2025-07-16
CVE-2025-52719 WordPress ProfileGrid plugin <= 5.9.5.2 - Full Path Disclosure (FPD) Vulnerability CWE-497 4.3 Medium2025-06-20
CVE-2025-49877 WordPress ProfileGrid plugin <= 5.9.5.2 - Server Side Request Forgery (SSRF) Vulnerability CWE-918 4.9 Medium2025-06-17
CVE-2025-47478 WordPress ProfileGrid plugin <= 5.9.5.0 - SQL Injection Vulnerability CWE-89 8.5 High2025-05-23
CVE-2025-48079 WordPress ProfileGrid plugin <= 5.9.5.1 - Broken Access Control Vulnerability CWE-862 4.3 Medium2025-05-16
CVE-2025-39586 WordPress ProfileGrid plugin <= 5.9.4.8 - SQL Injection Vulnerability CWE-89 8.5 High2025-04-17
CVE-2025-26999 WordPress ProfileGrid Plugin <= 5.9.4.3 - PHP Object Injection vulnerability CWE-502 8.8 High2025-03-03
CVE-2024-37453 WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.8.7 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-49273 WordPress ProfileGrid plugin <= 5.9.3 - Cross Site Request Forgery (CSRF) vulnerability CWE-862 4.3 Medium2024-10-21
CVE-2023-52117 WordPress ProfileGrid plugin <= 5.6.6 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-06-12
CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability CWE-307 4.3 Medium2024-05-17
CVE-2023-0940 ProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset 8.1 -2023-03-20

All 15 known CVE vulnerabilities affecting ProfileGrid with full Chinese analysis, references, and POCs where available.