Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ProfileGrid — Vulnerabilities & Security Advisories 23

All 23 CVE vulnerabilities found in ProfileGrid, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-25417 WordPress ProfileGrid plugin <= 5.9.8.1 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2026-03-25
CVE-2025-4957 WordPress ProfileGrid plugin <= 5.9.5.7 - Reflected Cross Site Scripting (XSS) vulnerability CWE-79 7.1 High2025-09-26
CVE-2025-49033 WordPress ProfileGrid plugin <= 5.9.5.3 - SQL Injection vulnerability CWE-89 8.5 High2025-08-14
CVE-2025-49876 WordPress ProfileGrid plugin <= 5.9.5.2 - SQL Injection vulnerability CWE-89 8.5 High2025-07-16
CVE-2025-52719 WordPress ProfileGrid plugin <= 5.9.5.2 - Full Path Disclosure (FPD) Vulnerability CWE-497 4.3 Medium2025-06-20
CVE-2025-49877 WordPress ProfileGrid plugin <= 5.9.5.2 - Server Side Request Forgery (SSRF) Vulnerability CWE-918 4.9 Medium2025-06-17
CVE-2025-47478 WordPress ProfileGrid plugin <= 5.9.5.0 - SQL Injection Vulnerability CWE-89 8.5 High2025-05-23
CVE-2025-48079 WordPress ProfileGrid plugin <= 5.9.5.1 - Broken Access Control Vulnerability CWE-862 4.3 Medium2025-05-16
CVE-2025-39586 WordPress ProfileGrid plugin <= 5.9.4.8 - SQL Injection Vulnerability CWE-89 8.5 High2025-04-17
CVE-2025-26999 WordPress ProfileGrid Plugin <= 5.9.4.3 - PHP Object Injection vulnerability CWE-502 8.8 High2025-03-03
CVE-2024-37453 WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.8.7 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-11-01
CVE-2024-49273 WordPress ProfileGrid plugin <= 5.9.3 - Cross Site Request Forgery (CSRF) vulnerability CWE-862 4.3 Medium2024-10-21
CVE-2023-52117 WordPress ProfileGrid plugin <= 5.6.6 - Broken Access Control vulnerability CWE-862 4.3 Medium2024-06-12
CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability CWE-307 4.3 Medium2024-05-17
CVE-2024-32772 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object References (IDOR) vulnerability CWE-639 4.3 Medium2024-04-24
CVE-2024-32808 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability CWE-639 5.4 Medium2024-04-24
CVE-2024-31362 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability CWE-352 4.3 Medium2024-04-12
CVE-2024-31291 WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability CWE-639 4.3 Medium2024-04-07
CVE-2024-30513 WordPress ProfileGrid plugin <= 5.7.2 - Insecure Direct Object References (IDOR) vulnerability CWE-639 6.5 Medium2024-03-29
CVE-2024-30491 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability CWE-89 8.5 High2024-03-29
CVE-2024-30490 WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability CWE-89 9.3 Critical2024-03-29
CVE-2024-30241 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.1 - Contributor+ SQL Injection vulnerability CWE-89 8.5 High2024-03-28
CVE-2023-0940 ProfileGrid < 5.3.1 - Subscriber+ Arbitrary Password Reset 8.1 -2023-03-20

All 23 known CVE vulnerabilities affecting ProfileGrid with full Chinese analysis, references, and POCs where available.