What the vulnerability does
01Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.8.
CVE-2024-30490
CRITICAL
CVE-2024-30490: WordPress ProfileGrid plugin <= 5.7.8 - SQL Injection vulnerability
CVSS base score
9.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Key dates
02Disclosure timeline
March 29, 2024
CVE published
April 28, 2026
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-5155 qianfox FoxCMS Article.php batchCope sql injection
CVE-2025-32128 WordPress Nearby Locations Plugin <= 1.1.1 - SQL Injection vulnerability
CVE-2026-0699 code-projects Intern Membership Management System edit_activity.php sql injection
CVE-2025-4249 PHPGurukul e-Diary Management System manage-categories.php sql injection
CVE-2017-6050
