diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 2bbb9e1..1d69abf 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -1,6 +1,10 @@
 Changelog
 =========
 
+1.1.5 (Unreleased)
+------------------------
+- Enh: Add profile attributes to whitelist
+
 1.1.4 (January 22, 2024)
 ------------------------
 - Enh: use color variables
diff --git a/module.json b/module.json
index d8097ed..386a2a2 100644
--- a/module.json
+++ b/module.json
@@ -3,7 +3,7 @@
   "name": "Virtual Card Popover",
   "description": "Shows a virtual business card displaying brief information about the user when hovering over a user's profile picture or name",
   "keywords": ["business card, popover, hover, profile information"],
-  "version": "1.1.4",
+  "version": "1.1.5",
   "humhub": {
     "minVersion": "1.14"
   },
diff --git a/widgets/VCardUser.php b/widgets/VCardUser.php
index 5c6408e..5d8bf99 100644
--- a/widgets/VCardUser.php
+++ b/widgets/VCardUser.php
@@ -10,6 +10,7 @@
 use humhub\components\Widget;
 use humhub\modules\popovervcard\Module;
 use humhub\modules\user\models\Profile;
+use humhub\modules\user\models\ProfileField;
 use Twig\Environment;
 use Twig\Error\LoaderError;
 use Twig\Error\RuntimeError;
@@ -34,7 +35,11 @@ public function run()
         $module = Yii::$app->getModule('popover-vcard');
 
         $twig = new Environment(new ArrayLoader());
-        $twig->addExtension(new SandboxExtension(new SecurityPolicy(['if', 'for'], ['escape', 'e'], [Profile::class => 'about']), true));
+        $twig->addExtension(new SandboxExtension(new SecurityPolicy(
+            ['if', 'for'],
+            ['escape', 'e'],
+            [Profile::class => ProfileField::find()->select('internal_name')->column()]
+        ), true));
 
         $templateParams = ['user' => $this->user, 'profile' => $this->user->profile];
 
@@ -51,4 +56,4 @@ public function run()
         ]);
     }
 
-}
\ No newline at end of file
+}