Description
The Memberships and User Profiles for WooCommerce – ProfileGrid WooCommerce Integration plugin for WordPress is vulnerable to unauthorized plugin installation and activation in versions up to, and including, 3.4. This is due to a missing capability check and missing nonce validation on the pg_install_profilegrid() AJAX handler registered via wp_ajax_pg_install_profilegrid. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install and activate the ProfileGrid plugin from wordpress.
Problem types
Product status
Any version
Timeline
| 2026-06-05: | Vendor Notified |
| 2026-07-08: | Disclosed |
Credits
John
References
www.wordfence.com/...-bd8e-4a83-b83c-66aefe4df4b8?source=cve
plugins.trac.wordpress.org/...filegrid-woocommerce-admin.php
plugins.trac.wordpress.org/...ss-profilegrid-woocommerce.php
plugins.trac.wordpress.org/...filegrid-woocommerce-admin.php
plugins.trac.wordpress.org/...e-user-profiles-by-profilegrid