Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Metagauss — Vulnerabilities & Security Advisories 101

Browse all 101 CVE security advisories affecting Metagauss. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Metagauss operates as a cybersecurity firm specializing in automated penetration testing and vulnerability assessment services. Its primary offering involves scanning enterprise networks to identify security weaknesses, providing clients with actionable reports on potential entry points. Historically, the company’s infrastructure and associated platforms have been linked to a significant number of Common Vulnerabilities and Exposures, totaling 101 recorded CVEs. These vulnerabilities predominantly stem from common web application flaws, including remote code execution, cross-site scripting, and improper access control mechanisms. While specific major public incidents involving data breaches directly attributed to Metagauss are not widely documented in mainstream news, the high volume of CVEs suggests systemic issues in their software development lifecycle or third-party dependencies. Security researchers often highlight these findings as cautionary examples of how automated security tools themselves can become attack vectors if not rigorously maintained and patched against known exploit patterns.

Found 21 results / 101Clear Filters
Top products by Metagauss: ProfileGrid ProfileGrid – User Profiles, Groups and Communities EventPrime – Events Calendar, Bookings and Tickets RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login EventPrime Download Plugin Download Theme Event Kikfyre
CVE IDTitleCVSSSeverityPublished
CVE-2026-25417 WordPress ProfileGrid plugin <= 5.9.8.1 - Cross Site Scripting (XSS) vulnerability — ProfileGridCWE-79 6.5 Medium2026-03-25
CVE-2025-4957 WordPress ProfileGrid plugin <= 5.9.5.7 - Reflected Cross Site Scripting (XSS) vulnerability — ProfileGridCWE-79 7.1 High2025-09-26
CVE-2025-49033 WordPress ProfileGrid plugin <= 5.9.5.3 - SQL Injection vulnerability — ProfileGridCWE-89 8.5 High2025-08-14
CVE-2025-49876 WordPress ProfileGrid plugin <= 5.9.5.2 - SQL Injection vulnerability — ProfileGridCWE-89 8.5 High2025-07-16
CVE-2025-52719 WordPress ProfileGrid plugin <= 5.9.5.2 - Full Path Disclosure (FPD) Vulnerability — ProfileGridCWE-497 4.3 Medium2025-06-20
CVE-2025-49877 WordPress ProfileGrid plugin <= 5.9.5.2 - Server Side Request Forgery (SSRF) Vulnerability — ProfileGridCWE-918 4.9 Medium2025-06-17
CVE-2025-47478 WordPress ProfileGrid plugin <= 5.9.5.0 - SQL Injection Vulnerability — ProfileGridCWE-89 8.5 High2025-05-23
CVE-2025-48079 WordPress ProfileGrid plugin <= 5.9.5.1 - Broken Access Control Vulnerability — ProfileGridCWE-862 4.3 Medium2025-05-16
CVE-2025-39586 WordPress ProfileGrid plugin <= 5.9.4.8 - SQL Injection Vulnerability — ProfileGridCWE-89 8.5 High2025-04-17
CVE-2025-26999 WordPress ProfileGrid Plugin <= 5.9.4.3 - PHP Object Injection vulnerability — ProfileGridCWE-502 8.8 High2025-03-03
CVE-2024-49273 WordPress ProfileGrid plugin <= 5.9.3 - Cross Site Request Forgery (CSRF) vulnerability — ProfileGridCWE-862 4.3 Medium2024-10-21
CVE-2023-52117 WordPress ProfileGrid plugin <= 5.6.6 - Broken Access Control vulnerability — ProfileGridCWE-862 4.3 Medium2024-06-12
CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability — ProfileGridCWE-307 4.3 Medium2024-05-17
CVE-2024-32772 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object References (IDOR) vulnerability — ProfileGridCWE-639 4.3 Medium2024-04-24
CVE-2024-32808 WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability — ProfileGridCWE-639 5.4 Medium2024-04-24
CVE-2024-31362 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability — ProfileGridCWE-352 4.3 Medium2024-04-12
CVE-2024-31291 WordPress ProfileGrid plugin <= 5.7.6 - IDOR on Friend Request vulnerability — ProfileGridCWE-639 4.3 Medium2024-04-07
CVE-2024-30513 WordPress ProfileGrid plugin <= 5.7.2 - Insecure Direct Object References (IDOR) vulnerability — ProfileGridCWE-639 6.5 Medium2024-03-29
CVE-2024-30491 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGridCWE-89 8.5 High2024-03-29
CVE-2024-30490 WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability — ProfileGridCWE-89 9.3 Critical2024-03-29
CVE-2024-30241 WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.1 - Contributor+ SQL Injection vulnerability — ProfileGridCWE-89 8.5 High2024-03-28

This page lists every published CVE security advisory associated with Metagauss. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.