VYPR

Wpgym Wordpress Gym Management System

by Dasinfomedia

CVEs (3)

  • CVE-2017-14844HigSep 28, 2017
    risk 0.60cvss 8.8epss 0.03

    Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.

  • CVE-2024-9941Nov 23, 2024
    risk 0.00cvss epss 0.01

    The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_staff_member() function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers,…

  • CVE-2024-9942Nov 23, 2024
    risk 0.00cvss epss 0.01

    The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJ_gmgt_user_avatar_image_upload() function in all versions up to, and including, 67.1.0. This makes it possible for…