CVE-2025-6977 | ProfileGrid Plugin up to 5.9.5.4 on WordPress pm_get_messenger_notification cross site scripting

July 15, 2025 Yanac

A vulnerability was found in ProfileGrid Plugin up to 5.9.5.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function pm_get_messenger_notification. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2025-6977. The attack can be launched remotely. There is no exploit available.VulDB Recent EntriesRead More