cleantalk
Vulnerabilities and Security Researches

ProfileGrid – User Profiles, Memberships, Groups and Communities, CVE-2026-1271

CVE, Research URL

CVE-2026-1271

Home page URL

Security reports for ProfileGrid – User Profiles, Memberships, Groups and Communities

Application

ProfileGrid – User Profiles, Memberships, Groups and Communities

Published on
Feb 05, 2026
Research Description
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.9.7.2 via the 'pm_upload_image' and 'pm_upload_cover_image' AJAX actions. This is due to the update_user_meta() function being called outside of the user authorization check in public/partials/crop.php and public/partials/coverimg_crop.php. This makes it possible for authenticated attackers, with Subscriber-level access and above, to change any user's profile picture or cover image, including administrators.
Affected versions
max 5.9.7.3.
Status
vulnerable
Previous vulnerability researches
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-39586) , Apr 19, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2024-13741) , May 07, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-48079) , May 18, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2026-25417) , Mar 30, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-26999) , Mar 05, 2025
New vulnerability
Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Car (CVE-2024-4002) , Apr 26, 2026
Court Reservation – Manage Your Court Bookings Online (CVE-2026-1508) , Apr 26, 2026
ITERAS (CVE-2026-4078) , Apr 26, 2026
WP-Recall – Registration, Profile, Commerce & More (CVE-2024-9770) , Apr 26, 2026
Bitly's WordPress Plugin (CVE-2025-58231) , Apr 26, 2026