Vulnerabilities > Metagauss

DATE CVE VULNERABILITY TITLE RISK
2019-09-03 CVE-2019-15873 Code Injection vulnerability in Metagauss Profilegrid
The profilegrid-user-profiles-groups-and-communities plugin before 2.8.6 for WordPress has remote code execution via an wp-admin/admin-ajax.php request with the action=pm_template_preview&html=<?php substring followed by PHP code.
network
low complexity
metagauss CWE-94
8.8
8.8