The ProfileGrid plugin, used for user profiles, groups, and communities on WordPress, has a security issue called Server-Side Request Forgery. This means that anyone with at least Subscriber-level access can make web requests from the plugin to other places on the internet, which can be used to access and change information from other services.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
