Metagauss Profilegrid – User Profiles, Groups And Communities
23 CVEs affecting Metagauss Profilegrid – User Profiles, Groups And Communities. Latest disclosed: 2026-05-13. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-0724 | High | 8.8 | 2025-03-22 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.9.4… |
CVE-2024-6411 | High | 8.8 | 2024-07-10 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.8.9… |
CVE-2023-3713 | High | 8.8 | 2023-07-18 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'profile_magic_check_smtp_conn… |
CVE-2023-3714 | High | 7.5 | 2023-07-18 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'edit_group' handler in versio… |
CVE-2026-4609 | High | 7.1 | 2026-05-13 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pm_i… |
CVE-2026-4608 | Medium | 6.5 | 2026-05-13 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to… |
CVE-2025-0723 | Medium | 6.5 | 2025-03-22 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind and time-based SQL Injections via the rid and search parame… |
CVE-2024-10900 | Medium | 6.5 | 2024-11-20 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability che… |
CVE-2024-8861 | Medium | 6.4 | 2024-09-26 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including… |
CVE-2025-6977 | Medium | 6.1 | 2025-07-16 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘pm_get_messenger_notifica… |
CVE-2024-13741 | Medium | 5.4 | 2025-02-18 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Limited Server-Side Request Forgery in all versions up to, and in… |
CVE-2023-3403 | Medium | 5.4 | 2023-07-18 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in ve… |
CVE-2026-1271 | Medium | 5.3 | 2026-02-05 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and inclu… |
CVE-2023-3404 | Medium | 4.9 | 2023-08-31 | The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. This is due to th… |
CVE-2026-4607 | Medium | 4.3 | 2026-05-13 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8… |
CVE-2026-2494 | Medium | 4.3 | 2026-03-07 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including… |
CVE-2026-2488 | Medium | 4.3 | 2026-03-07 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized message deletion due to a missing capability check o… |
CVE-2025-13416 | Medium | 4.3 | 2026-02-05 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized user suspension due to a missing capability check on… |
CVE-2025-1408 | Medium | 4.3 | 2025-03-22 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability che… |
CVE-2024-13740 | Medium | 4.3 | 2025-02-18 | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and inclu… |