CVE-2025-13416 | ProfileGrid Plugin up to 5.9.7.2 on WordPress pm_deactivate_user_from_group authorization

Inserito da Angelo Barbosa | Feb 5, 2026 | CVE

A vulnerability was found in ProfileGrid Plugin up to 5.9.7.2 on WordPress. It has been rated as problematic. Affected by this issue is the function pm_deactivate_user_from_group. The manipulation leads to missing authorization.

This vulnerability is uniquely identified as CVE-2025-13416. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-13416 | ProfileGrid Plugin up to 5.9.7.2 on WordPress pm_deactivate_user_from_group authorization

Post correlati

CVE-2024-37518 | Events Calendar Plugin up to 6.5.1.4 on WordPress cross-site request forgery

CVE-2024-34813 | MoreConvert MC Woocommerce Wishlist Plugin up to 1.7.8 on WordPress authorization

CVE-2024-39737 | IBM Datacap Navigator 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9 information exposure (XFDB-296004)

CVE-2024-0188 | RRJ Nueva Ecija Engineer Online Portal 1.0 change_password_teacher.php weak password