Wpgym Gym Management System Security Vulnerabilities and Issues — Wpgym Gym Management System CVE List

Lucene search

DasinfomediaWpgym Gym Management System

3 matches found

CVE•added 2024/11/23 8:15 a.m.•52 views

CVE-2024-9942

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJ_gmgt_user_avatar_image_upload() function in all versions up to, and including, 67.1.0. This makes it possible for unauthenticated attackers to uploa...

9.8CVSS9.9AI score0.04196EPSS

CVE•added 2024/11/23 8:15 a.m.•44 views

CVE-2024-9941

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_staff_member() function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level...

8.8CVSS8.6AI score0.00074EPSS

CVE•added 2017/09/28 1:29 a.m.•39 views

CVE-2017-14844

Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.

8.8CVSS9.1AI score0.00749EPSS