Tag

Cve-2026-4609

1 brief RSS

CVE-2026-4609: ProfileGrid WordPress Plugin Authentication Bypass Vulnerability

The ProfileGrid WordPress plugin versions up to 5.9.8.4 contain an authentication bypass vulnerability (CVE-2026-4609) that allows authenticated users with subscriber-level privileges to add themselves or others to arbitrary groups, including paid groups, without proper authorization, leading to privilege escalation and potential financial impact.

ProfileGrid – User Profiles, Groups and Communities plugin for WordPress <= 5.9.8.4 authentication bypass wordpress plugin privilege escalation cve-2026-4609

1r 1t 1c 2h ago