CVE-2025-48079

WordPress ProfileGrid <= 5.9.5.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Metagauss ProfileGrid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ProfileGrid : from n/a through 5.9.5.1.


We have discovered 800 live websites that are affected by CVE-2025-48079.

Run a Free Instant Scan




Affected Software

Product  Profilegrid User Profiles Groups And Communities
Category Wordpress Plugins
Vulnerable Domains800 live websites (84.75% of Profilegrid User Profiles Groups And Communities install base)
Vulnerable Versions
  • from 0 through 5.9.5.1
Vulnerable Versions Count42 versions ( 97.67% of all versions)


Common Weakness Enumeration

CWE-862 Missing Authorization



Details

  • Published - May 16, 2025
  • Updated - May 16, 2025

Credits

  • Trương Hữu Phúc (truonghuuphuc) (Patchstack Alliance) (finder)

CVE-2025-48079 usage by Country

United States314 websites



Germany89 websites
France49 websites
GB35 websites
Italy30 websites
Cyprus27 websites
Denmark23 websites
Netherlands17 websites
South Africa15 websites
Japan13 websites

CVE-2025-48079 usage by TLD

.com290 websites
.org108 websites
.de42 websites
.it28 websites
.net25 websites
.fr23 websites
.nl21 websites
.com.br21 websites
.ca12 websites
.co.uk11 websites

Vulnerable Versions

Vulnerable versions are highlighted in red

Websites affected by CVE-2025-48079

Top websites that are affected by CVE-2025-48079. Please click on the "Contact us" link to get more information.
DomainCountryRankContacts
*********.com United States***,***
*********.com United States***,***
*************.********.com United States***,***
***.ngo GB***,***
****.com United States***,***
*******.****.es Spain***,***
****.org United States***,***
************.org United States*,***,***
*******.com United States*,***,***
****************.de Germany*,***,***
See full domain list

FAQ

CVE-2025-48079 is Missing Authorization in Profilegrid User Profiles Groups And Communities
A total of 800 websites have been identified as vulnerable to CVE-2025-48079, based on global website indexing conducted by WebTechSurvey.
The Profilegrid User Profiles Groups And Communities is affected by the CVE-2025-48079 vulnerability.
Profilegrid User Profiles Groups And Communities versions up to and including 5.9.5.1 are vulnerable to CVE-2025-48079.