CVE-2026-12073
Received - Intake

Privilege Escalation via Account Takeover in ProfileGrid WordPress Plugin

Vulnerability report for CVE-2026-12073, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-30

Last updated on: 2026-06-30

Assigner: Wordfence

Description

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.9.9.5. This is due to the plugin not validating a `user_login` on registration forms that don't contain this parameter, and not properly handling the resulting error messages. This makes it possible for unauthenticated attackers to change the email address of the user account with ID=1 (usually an administrator), and leverage that to reset the user's password and gain access to their account.

Meta Information

Published: 2026-06-30
Last Modified: 2026-06-30
Generated: 2026-06-30
EPSS Evaluated: N/A

Affected Vendors & Products

One associated CPE:
Vendor: profilegrid
Product: profilegrid
Version / Range: up to 5.9.9.5 (inclusive)

Exploitability

CWE-639: The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

Mitigation Strategies

The vulnerability affects all versions of the ProfileGrid plugin up to and including 5.9.9.5. Immediate mitigation steps include updating the ProfileGrid plugin to a version later than 5.9.9.5 where the issue is fixed.

Additionally, monitoring and restricting access to user registration forms and ensuring that user_login parameters are properly validated can help reduce risk.

Since the vulnerability allows privilege escalation via account takeover, it is also advisable to review administrator accounts for unauthorized changes, especially changes to email addresses, and reset passwords if suspicious activity is detected.

Executive Summary

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress has a vulnerability that allows privilege escalation through account takeover. This happens because the plugin does not validate the `user_login` parameter on registration forms that lack it and does not properly handle error messages.

As a result, an unauthenticated attacker can change the email address of the user account with ID=1, which is usually an administrator account. After changing the email, the attacker can reset the administrator's password and gain access to that account.

Impact Analysis

This vulnerability can have severe impacts because it allows an attacker to gain administrative access to a WordPress site without authentication.

  • Complete compromise of the website through administrator account takeover.
  • Potential unauthorized changes to website content, settings, and user data.
  • Loss of control over the site, which could lead to further exploitation or malicious activities.
  • High impact on confidentiality, integrity, and availability of the affected system.
