20 matches found
EUVD-2025-25065
Malicious code in bioql PyPI...
CVE-2025-7049 WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 67.7.0 via the 'MJgmgtgmgtadduser' function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
WordPress WPGYM - Wordpress Gym Management System plugin <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update vulnerability
WordPress WPGYM - Wordpress Gym Management System plugin <= 67.7.0 - Authenticated Subscriber+ Local File Inclusion to Privilege Escalation via Password Update vulnerability discovered by WordFence in WordPress Plugin WPGYM versions <= 67.7.0...
WordPress WPGYM plugin <= 67.7.0 - Missing Authorization to Admin Account Creation vulnerability
Missing Authorization to Admin Account Creation vulnerability discovered by Foxyyy in WordPress Plugin WPGYM versions <= 67.7.0...
WordPress plugin WPGYM - Wordpress Gym Management System security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. WordPress plugin WPGYM - Wordpress Gym Management System...
WordPress plugin WPGYM - Wordpress Gym Management System path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress plugin WPGYM - Wordpress Gym...
CVE-2025-32574
CVE-2025-32574 corresponds to a SQL Injection vulnerability in the WordPress WPGYM (WPGYM) plugin (Wordpress Gym Management System) with affected versions up to 65.0. The issue is caused by improper neutralization of special elements in SQL commands. Public sources (PT-2025-29795, Patchstack) ind...
CVE-2025-7442 WPGYM - Wordpress Gym Management System < 67.8.0 - Unauthenticated SQL Injection
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJgmgtdeleteclasslimitformember, MJgmgtgetyearlyincomeexpense, MJgmgtgetmonthlyincomeexpense, MJgmgtaddclasslimit, MJgmgtviewmeetingdetail, and MJgmgtcreatemeeting functio...
PT-2025-29217 · WordPress · Wpgym - Wordpress Gym Management System
Name of the Vulnerable Software and Affected Versions: WPGYM - Wordpress Gym Management System plugin versions prior to 67.8.0 Description: The WPGYM - Wordpress Gym Management System plugin for WordPress is susceptible to SQL Injection due to insufficient input validation and query preparation...
WordPress WPGYM plugin <= 65.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin WPGYM versions <= 65.0...
WordPress plugin WPGYM security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
WordPress WPGYM plugin <= 65.0 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Aiden Thái An in WordPress Plugin WPGYM versions <= 65.0...
CVE-2025-32643 WordPress WPGYM Plugin <= 65.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in mojoomla WPGYM allows Blind SQL Injection. This issue affects WPGYM: from n/a through 65.0...
WordPress WPGYM Plugin <= 67.1.0 is vulnerable to Broken Access Control
Software: WPGYM; Type: Plugin; Vulnerable versions: <= 67.1.0; Fixed in: 67.2.0; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-9941; Patch priority: High; CVSS severity: High 9.8; PSID: 71c6636a78f1; Credits: Tonn; Required privilege: Subscriber...
CVE-2024-9941 WPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJgmgtaddstaffmember function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level...
WordPress plugin WPGYM code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...
WordPress plugin WPGYM security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
WordPress WPGYM plugin <= 67.1.0 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Tonn in WordPress Plugin WPGYM versions <= 67.1.0...
WordPress WPGYM Plugin <= 67.1.0 is vulnerable to Arbitrary File Upload
Software: WPGYM; Type: Plugin; Vulnerable versions: <= 67.1.0; Fixed in: 67.2.0; OWASP Top 10: A1: Injection; Classification: Arbitrary File Upload; CVE: CVE-2024-9942; Patch priority: High; CVSS severity: High 10; PSID: 58875029db47; Credits: Tonn; Required privilege: Unauthenticated; Published...
WordPress WPGYM Plugin - SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: WPGYM - Wordpress Gym Management System - SQL Injection; Dork: N/A; Date: 26.09.2017; Vendor Homepage: http://mojoomla.com/; Software Link: https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964; Demo:...