cleantalk
Vulnerabilities and Security Researches

ProfileGrid – User Profiles, Memberships, Groups and Communities, CVE-2025-49876

CVE, Research URL

CVE-2025-49876

Home page URL

Security reports for ProfileGrid – User Profiles, Memberships, Groups and Communities

Application

ProfileGrid – User Profiles, Memberships, Groups and Communities

Published on
Jul 16, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows SQL Injection. This issue affects ProfileGrid : from n/a through 5.9.5.2.
Affected versions
Min -, max 5.9.5.3.
Status
vulnerable
Previous vulnerability researches
BuddyForms Form Elements for WooCommerce (39d1f22f-ea34-4d94-9dc2-12661cf69d36) , Jun 07, 2024
New vulnerability
SMTP for SendGrid – YaySMTP (CVE-2025-48301) , Jul 18, 2025
ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes (CVE-2025-47645) , Jul 18, 2025
Knowledge Base (CVE-2025-7431) , Jul 18, 2025
Real Estate Property 2024 Create Your Own Fields and Search Bar WP Plugin (CVE-2025-48150) , Jul 18, 2025
Infility Global (CVE-2025-47652) , Jul 18, 2025