CVE-2026-12073 | The ProfileGrid – User Profiles, Groups and Communities plug… | CVSS 9.8 CRITICAL

Description

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.9.9.5. This is due to the plugin not validating a `user_login` on registration forms that don't contain this parameter, and not properly handling the error messages. This makes it possible for unauthenticated attackers to change email address of user account with ID=1 (usually an administrator), and leverage that to reset the user's password and gain access to their account.

Metadata

CVE ID: CVE-2026-12073
State: PUBLISHED
Assigner: Wordfence
Reserved: 2026-06-12 10:09 UTC
Published: 2026-06-30 05:34 UTC
Last updated: 2026-06-30 05:34 UTC
Primary CWE: CWE-639
CWE-639 Authorization Bypass Through User-Controlled Key
Vendor / Product: metagauss / ProfileGrid – User Profiles, Groups and Communities
Sources: cve.org · NVD

Severity & Metrics

9.8 CRITICAL CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products (1)

Vendor	Product	Platform	Versions
metagauss	ProfileGrid – User Profiles, Groups and Communities	—	0 ≤ 5.9.9.5

Weakness (CWE)

CWE	Source	Description
CWE-639	cna	CWE-639 Authorization Bypass Through User-Controlled Key

CVSS scores (1)

Score	Severity	Version	Source	Vector
9.8	CRITICAL	3.1	cna	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (2)