cleantalk
Vulnerabilities and Security Researches

ProfileGrid – User Profiles, Memberships, Groups and Communities, b76e1953-95db-4cd9-99c9-58922db2109a

CVE, Research URL

b76e1953-95db-4cd9-99c9-58922db2109a

Home page URL

Security reports for ProfileGrid – User Profiles, Memberships, Groups and Communities

Application

ProfileGrid – User Profiles, Memberships, Groups and Communities

Published on
-
Research Description
ProfileGrid – User Profiles, Groups and Communities [profilegrid-user-profiles-groups-and-communities] < 5.0.4 ProfileGrid &lt; 5.0.4 - Subscriber+ Private Message Read/Edition The plugin does not have any authorisation and CSRF checks when accessing and editing messages, which could allow any logged in users, such as subscriber to access and edit arbitrary messages
Affected versions
max 5.0.4.
Status
vulnerable
Previous vulnerability researches
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-39586) , Apr 19, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2024-13741) , May 07, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-48079) , May 18, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2026-25417) , Mar 30, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-26999) , Mar 05, 2025
New vulnerability
Interactive Content – H5P (CVE-2026-56006) , Jun 24, 2026
Transbank Webpay REST (CVE-2026-6858) , Jun 24, 2026
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2026-4610) , Jun 24, 2026
Paymob for WooCommerce (CVE-2026-56025) , Jun 24, 2026
Motors – Car Dealer, Classifieds &amp; Listing (CVE-2026-7859) , Jun 24, 2026