CVE-2026-12073
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk23th percentile — higher than 23% of all known CVEs
Summary
The ProfileGrid plugin for WordPress up to version 5.9.9.5 contains a privilege escalation vulnerability via account takeover. Lack of validation of the `user_login` parameter in registration forms and improper error handling allow unauthenticated attackers to change the email address of the user account with ID=1 (typically an administrator), then reset the password and gain access.
Risk Assessment
The risk for the organization is the potential complete takeover of the administrator account by an unauthenticated attacker, leading to unauthorized access to the admin panel, data theft, and further compromise of the WordPress site.
Recommendation
Immediately update the ProfileGrid plugin to the latest available version that includes a fix for this vulnerability. Until the update is applied, temporarily disable the plugin or restrict access to registration forms.
Original NVD description (English source)
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.9.9.5. This is due to the plugin not validating a `user_login` on registration forms that don't contain this parameter, and not properly handling the error messages. This makes it possible for unauthenticated attackers to change email address of user account with ID=1 (usually an administrator), and leverage that to reset the user's password and gain access to their account.

