CVE-2024-30491 – WordPress ProfileGrid – User Profiles, Memberships, Groups and Communities plugin <= 5.7.8 - SQL Injection vulnerability

https://notcve.org/view.php?id=CVE-2024-30491

28 Mar 2024 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8. Neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en Metagauss ProfileGrid. Este problema afecta a ProfileGrid: desde n/a hasta 5.7.8. The ProfileGrid plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 5.7.8 due to insufficient es... • https://github.com/truonghuuphuc/CVE-2024-30491-Poc • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •