2 matches found
CVE-2024-9942
The CVE-2024-9942 entry concerns the WPGYM WordPress Gym Management System plugin. A missing file-type validation in MJ_gmgt_user_avatar_image_upload() allows unauthenticated arbitrary file uploads on all versions up to 67.1.0, potentially enabling remote code execution on the affected site. Conn...
CVE-2024-9941
The CVE-2024-9941 entry concerns the WPGYM WordPress plugin (versions