CVE-2024-13741

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to Limited Server-Side Request Forgery in all versions up to, and including, 5.9.4.2 via the pm_upload_image function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to download and view images, as well as validating if a non-image file exists, both on local or remote hosts.
Configurations

Configuration 1 (hide)

cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*

History

24 Feb 2025, 12:40

Type Values Removed Values Added
Summary
  • (es) El complemento ProfileGrid – User Profiles, Groups and Communities para WordPress es vulnerable a Limited Server-Side Request Forgery en todas las versiones hasta 5.9.2.2 incluida, a través de la función PM_UPPLOAD_IMAGE. Esto hace posible que los atacantes autenticados, con acceso a nivel de suscriptores y arriba, hagan solicitudes web a ubicaciones arbitrarias que se originan en la aplicación web y se pueden usar para descargar y ver imágenes, así como también validar si existe un archivo que no es de imagen, tanto en hosts locales como remotos.
First Time Metagauss
Metagauss profilegrid
References () https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/public/class-profile-magic-public.php#L1717 - () https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/public/class-profile-magic-public.php#L1717 - Product
References () https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/public/partials/crop.php - () https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.9.4.2/public/partials/crop.php - Product
References () https://www.wordfence.com/threat-intel/vulnerabilities/id/95d2a05d-67ae-45b1-8add-0dcf73d43181?source=cve - () https://www.wordfence.com/threat-intel/vulnerabilities/id/95d2a05d-67ae-45b1-8add-0dcf73d43181?source=cve - Third Party Advisory
CPE cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*

18 Feb 2025, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-18 02:15

Updated : 2025-02-24 12:40


NVD link : CVE-2024-13741

Mitre link : CVE-2024-13741

CVE.ORG link : CVE-2024-13741


JSON object : View

Products Affected

metagauss

  • profilegrid
CWE
CWE-918

Server-Side Request Forgery (SSRF)