ThreatPress

WordPress Vulnerabilities Database

Back

WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 2.8.5 - Authenticated Code Execution vulnerability

Product
ProfileGrid
Description
Authenticated Code Execution vulnerability found in WordPress ProfileGrid– User Profiles, Groups and Communities plugin (versions <= 2.8.5).
Solution
Update the WordPress ProfileGrid – User Profiles, Groups and Communities plugin to the latest available version (at least 2.8.6).
Classification
Type Arbitrary Code Execution
OWASP Top 10 A1: Injection
References
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.8.5
Fixed In 2.8.6
Disclosure date
2018-06-05
Submitter
ThreatPress