Lucene search
K

5 matches found

NVD
NVD
added 2024/11/23 8:15 a.m.27 views

CVE-2024-9942

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJgmgtuseravatarimageupload function in all versions up to, and including, 67.1.0. This makes it possible for unauthenticated attackers to upload...

9.8CVSS0.01145EPSS
Exploits0References2
Circl
Circl
added 2024/11/23 7:55 a.m.12 views

CVE-2024-9942

creationtimestamp| type| source ---|---|--- 2024-11-23 07:55:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113531192809073996 2026-06-21 05:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3morlzown2k2n...

9.8CVSS7.5AI score0.01145EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/23 7:38 a.m.38 views

CVE-2024-9942 WPGYM <= 67.1.0 - Unauthenticated Arbitrary File Upload

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJgmgtuseravatarimageupload function in all versions up to, and including, 67.1.0. This makes it possible for unauthenticated attackers to upload...

9.8CVSS0.01145EPSS
Exploits0References2
CVE
CVE
added 2024/11/23 7:38 a.m.71 views

CVE-2024-9942

The CVE-2024-9942 entry concerns the WPGYM WordPress Gym Management System plugin. A missing file-type validation in MJ_gmgt_user_avatar_image_upload() allows unauthenticated arbitrary file uploads on all versions up to 67.1.0, potentially enabling remote code execution on the affected site. Conn...

9.8CVSS9.9AI score0.01145EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/23 7:38 a.m.13 views

CVE-2024-9942 WPGYM <= 67.1.0 - Unauthenticated Arbitrary File Upload

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJgmgtuseravatarimageupload function in all versions up to, and including, 67.1.0. This makes it possible for unauthenticated attackers to upload...

9.8CVSS8AI score0.01145EPSS
Exploits0References2
Rows per page
Query Builder