Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Network CSRF needs no attacker auth (PR:N) but requires the victim to click (UI:R); account takeover of a privileged user yields high C/I/A within an unchanged scope.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions.
AnalysisAI
Cross-site request forgery in the ProfileGrid - User Profiles, Groups and Communities WordPress plugin (versions 5.9.9.7 and earlier) allows a remote unauthenticated attacker to force a logged-in victim into performing unintended state-changing actions, chaining to full account takeover. Because a successful CSRF against an administrator can hijack a privileged account, impact is rated high across confidentiality, integrity, and availability (CVSS 8.8). …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires that a user already authenticated to a WordPress site running ProfileGrid <= 5.9.9.7 be tricked into visiting an attacker-controlled page while their session is active (CVSS UI:R). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, base 8.8) indicates a network-reachable, low-complexity attack requiring no attacker privileges but requiring victim interaction (UI:R) - the victim must visit a malicious page while authenticated. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker crafts a malicious web page (or email link) containing a hidden auto-submitting form targeting ProfileGrid's account-management action. When a logged-in ProfileGrid site administrator visits the page, their browser silently submits the forged request in their authenticated session, altering their account (e.g., resetting credentials or email) and handing the attacker control. … |
| Remediation | Upgrade ProfileGrid to a release newer than 5.9.9.7 (Upstream fix available per the Patchstack advisory; a specific released patched version is not independently confirmed in the provided data - consult the vendor/WordPress plugin page for the exact fixed build before deploying). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Disable ProfileGrid plugin (all versions ≤5.9.9.7) on all WordPress installations and restrict access to wp-admin via IP allowlisting. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Profilegrid
View allImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileG
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileG
The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not imple
The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileG
The ProfileGrid - User Profiles, Groups and Communities plugin for WordPress is vulnerable to PHP Object Injection in al
The ProfileGrid - User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation in al
The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability chec
Missing Authorization vulnerability in ProfileGrid User Profiles ProfileGrid allows Exploiting Incorrectly Configured Ac
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Importa
The ProfileGrid - User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification
Same weakness CWE-352 – Cross-Site Request Forgery (CSRF)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41315
GHSA-r89c-xvf4-jw2p