2024-11-30
Platform: WordPress
Version: ProfileGrid plugin versions up to 5.9.3.6
Vulnerability: Unauthorized data modification
Severity: Medium (CVSS: 6.5)
Date: November 20, 2024 (Published)
:
The ProfileGrid plugin for WordPress has a vulnerability that allows attackers with subscriber-level access or higher to delete user data. This could potentially be used to deny an administrator access to their own site.
What Undercode Says:
This vulnerability is rated as medium severity, which means it’s important to address but not necessarily an immediate critical risk. If you are using the ProfileGrid plugin, it is recommended to update to the latest version (which should address this vulnerability) as soon as possible.
Additional Notes:
This vulnerability was identified by Wordfence.
There is no official CVSS v4 rating available yet, but the CVSS v3 rating is 6.5.
It is important to keep your WordPress plugins up to date to protect your site from security vulnerabilities.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help