57 matches found
EUVD-2025-21617
Malicious code in bioql PyPI...
EUVD-2025-15489
Malicious code in bioql PyPI...
EUVD-2025-25065
Malicious code in bioql PyPI...
EUVD-2025-18545
Malicious code in bioql PyPI...
CVE-2025-7049 WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 67.7.0 via the 'MJgmgtgmgtadduser' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
WordPress WPGYM - Wordpress Gym Management System plugin <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update vulnerability
WordPress WPGYM - Wordpress Gym Management System plugin = 67.7.0 - Authenticated Subscriber+ Local File Inclusion to Privilege Escalation via Password Update vulnerability discovered by WordFence in WordPress Plugin WPGYM versions = 67.7.0...
WordPress WPGYM plugin <= 67.7.0 - Missing Authorization to Admin Account Creation vulnerability
Missing Authorization to Admin Account Creation vulnerability discovered by Foxyyy in WordPress Plugin WPGYM versions = 67.7.0...
WordPress plugin WPGYM - Wordpress Gym Management System 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress plugin WPGYM - Wordpress Gym Management System...
WordPress plugin WPGYM - Wordpress Gym Management System 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WPGYM - Wordpress Gym...
WordPress WPGYM SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress WPGYM suffers from a SQL injection vulnerability that stems from improper handling of special elements of SQL commands, no details of the vulnerability are provid...
CVE-2025-32574
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0...
CVE-2025-32574
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0...
CVE-2025-32574 WordPress WPGYM plugin <= 65.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0...
CVE-2025-32574 WordPress WPGYM plugin <= 65.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows SQL Injection. This issue affects WPGYM: from n/a through 65.0...
CVE-2025-32574
CVE-2025-32574 corresponds to a SQL Injection vulnerability in the WordPress WPGYM (WPGYM) plugin (Wordpress Gym Management System) with affected versions up to 65.0. The issue is caused by improper neutralization of special elements in SQL commands. Public sources (PT-2025-29795, Patchstack) ind...
PT-2025-29795 · WordPress · Mojoomla Wpgym
Name of the Vulnerable Software and Affected Versions: mojomla WPGYM versions through 65.0 Description: The software is susceptible to a SQL Injection issue due to improper neutralization of special elements used in an SQL command. Recommendations: Update to a version later than 65.0...
WordPress plugin和WordPress SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. WordPress WPGYM suffers from a SQL injection vulnerability that stems from improper handling of special elements of SQL commands, no details of the vulnerability are provid...
CVE-2025-7442 WPGYM - Wordpress Gym Management System < 67.8.0 - Unauthenticated SQL Injection
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJgmgtdeleteclasslimitformember, MJgmgtgetyearlyincomeexpense, MJgmgtgetmonthlyincomeexpense, MJgmgtaddclasslimit, MJgmgtviewmeetingdetail, and MJgmgtcreatemeeting functio...
CVE-2025-7442 WPGYM - Wordpress Gym Management System < 67.8.0 - Unauthenticated SQL Injection
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJgmgtdeleteclasslimitformember, MJgmgtgetyearlyincomeexpense, MJgmgtgetmonthlyincomeexpense, MJgmgtaddclasslimit, MJgmgtviewmeetingdetail, and MJgmgtcreatemeeting functio...
PT-2025-29217 · WordPress · Wpgym - Wordpress Gym Management System
Name of the Vulnerable Software and Affected Versions: WPGYM - Wordpress Gym Management System plugin versions prior to 67.8.0 Description: The WPGYM - Wordpress Gym Management System plugin for WordPress is susceptible to SQL Injection due to insufficient input validation and query preparation...