Description
WordPress Plugin ProfileGrid-User Profiles, Groups and Communities is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin ProfileGrid-User Profiles, Groups and Communities version 5.8.9 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.9.0 or latest
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2019-9021)
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)
PHP Numeric Errors Vulnerability (CVE-2016-4070)
WebLogic CVE-2021-2136 Vulnerability (CVE-2021-2136)
MySQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-0709)