Description
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin ProfileGrid-User Profiles, Groups and Communities version 5.8.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.9.0 or latest
References
Related Vulnerabilities
Oracle JRE CVE-2018-2618 Vulnerability (CVE-2018-2618)
WebLogic CVE-2024-20931 Vulnerability (CVE-2024-20931)
Jetty Observable Discrepancy Vulnerability (CVE-2017-9735)
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-3171)
WordPress Plugin MDTF-Wordpress Meta Data & Taxonomies Filter Cross-Site Request Forgery (2.2.7.2)