Hey WordPress admins, have you updated your websites with the latest ProfileGrid plugin release yet? There’s a critical privilege escalation vulnerability in the ProfileGrid plugin that could give admin access to WordPress sites.
ProfileGrid Plugin Vulnerability Put WordPress Sites at Risk
A recent post by the Wordfence team highlighted a serious privilege escalation vulnerability in the ProfileGrid plugin, putting thousands of WordPress sites in jeopardy.
ProfileGrid—User Profiles, Groups, and Communities is a popular plugin for WordPress that enables users to create user profiles, communities, directories, groups, and more interactive features. With over 7,000 active installations, the vulnerability in the plugin posed a significant risk to a large number of websites.
The flaw in the plugin’s pm_upload_image
AJAX action, due to lack of validation, allowed authenticated attackers to exploit it and gain elevated privileges, potentially even obtaining admin access from subscriber-level access.
This vulnerability, assigned the CVE ID CVE-2024-6411, was classified as high severity with a CVSS score of 8.8. Initially discovered by security researcher Tieu Pham Trong Nhan from TechlabCorp, the issue was reported through Wordfence’s bug bounty program, resulting in a $488 bounty.
All plugin versions up to 5.8.9 were affected by this vulnerability. Following the bug report, Wordfence collaborated with the plugin developers to release a patch, which was included in ProfileGrid version 5.9.0 released earlier this month.
While there have been no reported exploits of this vulnerability in the wild, only 36.7% of users have updated to the latest release according to the plugin’s official WordPress page. It’s crucial for all WordPress users to update their sites promptly to mitigate the risk.
Additionally, it’s advisable to review all plugins on your website for any security updates to prevent potential threats.
We’d love to hear your thoughts in the comments section below.