Metagauss CVEs and Security Vulnerabilities

Filtered by vendor Metagauss Subscriptions

Search

Switch to Advanced Search (Beta)

Total 138 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-4607	2 Metagauss, Wordpress	2 Profilegrid – User Profiles, Groups And Communities, Wordpress	2026-05-13	4.3 Medium
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.9.8.4. This is due to the plugin not properly verifying that a user is authorized to perform an action via the pm_set_group_order, pm_set_group_items, and pm_set_field_order AJAX actions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify site-wide ProfileGrid group settings including group menu order, group list order, group icon display, and field ordering.
CVE-2026-4609	2 Metagauss, Wordpress	2 Profilegrid – User Profiles, Groups And Communities, Wordpress	2026-05-13	7.1 High
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pm_invite_user function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to add themselves or any registered user to any ProfileGrid group, including closed and paid groups, bypassing all authorization and payment gates.
CVE-2024-31362	1 Metagauss	1 Profilegrid	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
CVE-2024-31291	1 Metagauss	1 Profilegrid	2026-04-28	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6.
CVE-2024-30490	1 Metagauss	1 Profilegrid	2026-04-28	9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
CVE-2024-30241	1 Metagauss	1 Profilegrid	2026-04-28	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.1.
CVE-2024-25935	1 Metagauss	1 Registrationmagic	2026-04-28	4.3 Medium
Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9.
CVE-2023-23989	1 Metagauss	1 Registrationmagic	2026-04-28	5.3 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2.
CVE-2024-33947	1 Metagauss	1 Registrationmagic	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.This issue affects RegistrationMagic: from n/a through 5.3.2.0.
CVE-2024-32808	1 Metagauss	1 Profilegrid	2026-04-28	5.4 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
CVE-2024-32772	1 Metagauss	1 Profilegrid	2026-04-28	4.3 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9.
CVE-2024-30513	1 Metagauss	1 Profilegrid	2026-04-28	6.5 Medium
Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.2.
CVE-2024-30491	1 Metagauss	1 Profilegrid	2026-04-28	8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
CVE-2024-29776	1 Metagauss	1 Eventprime	2026-04-28	5.9 Medium
Cross Site Scripting (XSS) vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9.
CVE-2024-2951	1 Metagauss	1 Registrationmagic	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.3.0.0.
CVE-2024-29113	1 Metagauss	1 Registrationmagic	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic allows Reflected XSS.This issue affects RegistrationMagic: from n/a through 5.2.5.9.
CVE-2024-24832	1 Metagauss	1 Eventprime	2026-04-28	8.2 High
Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9.
CVE-2023-51509	1 Metagauss	1 Registrationmagic	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login allows Reflected XSS.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.4.1.
CVE-2023-50846	1 Metagauss	1 Registrationmagic	2026-04-28	7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RegistrationMagic RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login.This issue affects RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login: from n/a through 5.2.4.5.
CVE-2023-47644	1 Metagauss	1 Profilegrid	2026-04-28	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in profilegrid ProfileGrid – User Profiles, Memberships, Groups and Communities.This issue affects ProfileGrid – User Profiles, Memberships, Groups and Communities: from n/a through 5.6.6.

Page 1 of 7. next last »