The ProfileGrid plugin for WordPress has a security flaw that allows unauthorized changes to be made to the data. This is because some functions in the plugin do not have proper checks in place. This means that attackers who have an account on the website and have at least Subscriber-level access can change certain settings or icons without permission.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
