WordPress ProfileGrid Plugin <= 5.0.3 is vulnerable to Broken Access Control

CVE-2022-36352

What is CVE-2022-36352?

A vulnerability exists within ProfileGrid - User Profiles, Memberships, Groups and Communities, which allows for missing authorization. This flaw can potentially permit unauthorized users to access sensitive data and functionalities reserved for specific user roles. Versions from the initial release through 5.0.3 are affected. It is crucial for users employing this plugin to evaluate their configurations and update accordingly to mitigate any risks associated with this exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References