ProfileGrid
Metagauss
Developer
5.9.6.5
Latest version
6,000
Installations
7 days ago
Last updated
Vulnerability history
0 present
43 fixed
23 Mitigation rules
- Reflected Cross Site Scripting (XSS) vulnerability<= 5.9.5.7Sep 1, 2025
- SQL Injection Vulnerability<= 5.9.5.3Jul 24, 2025
- Reflected Cross-Site Scripting via 'pm_get_messenger_notification' function vulnerability<= 5.9.5.4Jul 16, 2025
- SQL Injection Vulnerability<= 5.9.5.2Jul 10, 2025
- Full Path Disclosure (FPD) Vulnerability<= 5.9.5.2Jun 19, 2025
- Server Side Request Forgery (SSRF) Vulnerability<= 5.9.5.2Jun 12, 2025
- Broken Access Control Vulnerability<= 5.9.5.1May 16, 2025
- SQL Injection Vulnerability<= 5.9.5.0May 12, 2025
- SQL Injection Vulnerability<= 5.9.4.8Apr 17, 2025
- Authenticated (Subscriber+) SQL Injection vulnerability<= 5.9.4.7Mar 21, 2025
- PHP Object Injection vulnerability<= 5.9.4.3Feb 23, 2025
- Insecure Direct Object Reference to Authenticated (Subscriber+) Private Messages Disclosure vulnerability<= 5.9.4.2Feb 17, 2025
- Authenticated (Subscriber+) Limited Server-Side Request Forgery vulnerability<= 5.9.4.2Feb 17, 2025
- Missing Authorization to Authenticated (Subscriber+) Arbitrary User Meta Deletion vulnerability<= 5.9.3.6Nov 19, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 5.9.3Oct 14, 2024
- Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability<= 5.9.3.2Sep 26, 2024
- Authenticated (Subscriber+) Insecure Direct Object Reference vulnerability<= 5.8.9Jul 10, 2024
- Authenticated Privilege Escalation vulnerability<= 5.8.9Jul 9, 2024
- Broken Access Control vulnerability<= 5.8.7Jul 1, 2024
- Missing Authorization vulnerability<= 5.8.6Jun 5, 2024
- Insecure Direct Object Reference (IDOR) vulnerability<= 5.7.9Apr 22, 2024
- Group Members Limit Bypass vulnerability<= 5.8.2Apr 22, 2024
- Insecure Direct Object References (IDOR) vulnerability<= 5.7.9Apr 22, 2024
- Missing Authorization vulnerability<= 5.8.3Apr 17, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 5.7.8Apr 8, 2024
- IDOR on Friend Request vulnerability<= 5.7.6Apr 5, 2024
- Insecure Direct Object References (IDOR) vulnerability<= 5.7.2Mar 28, 2024
- SQL Injection vulnerability<= 5.7.8Mar 28, 2024
- SQL Injection vulnerability<= 5.7.8Mar 28, 2024
- Contributor+ SQL Injection vulnerability<= 5.7.1Mar 26, 2024
- Broken Access Control vulnerability<= 5.6.6Dec 28, 2023
- Cross Site Request Forgery (CSRF) vulnerability<= 5.7.1Nov 7, 2023
- Authenticated (Subscriber+) Arbitrary Option Update vulnerability<= 5.5.1Jul 18, 2023
- Hardcoded Encryption Key vulnerability<= 5.5.0Jul 18, 2023
- Missing Authorization to Arbitrary Group Option Modification and Privilege Escalation vulnerability<= 5.5.2Jul 18, 2023
- Missing Authorization to User Import vulnerability<= 5.5.1Jul 18, 2023
- Broken Access Control vulnerability<= 5.0.3Mar 16, 2023
- Subscriber+ Arbitrary Password Reset vulnerability< 5.3.1Mar 2, 2023
- Auth. CSV Injection vulnerability<= 5.1.6Nov 17, 2022
- Reflected Cross-Site Scripting (XSS) vulnerability<= 5.1.0Nov 15, 2022
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 4.7.4Jan 18, 2022
- Authenticated Code Execution vulnerability<= 2.8.5Jun 5, 2018
- Reflected Cross Site Scripting<= 2.6.6Nov 27, 2017