CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9942 – WPGYM <= 67.1.0 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-9942
22 Nov 2024 — The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJ_gmgt_user_avatar_image_upload() function in all versions up to, and including, 67.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9941 – WPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
https://notcve.org/view.php?id=CVE-2024-9941
22 Nov 2024 — The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_staff_member() function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to create new user accounts with the administrator role. • https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964 • CWE-269: Improper Privilege Management •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-14844 – WPGYM - Wordpress Gym Management System (Unknown Version) - SQL Injection
https://notcve.org/view.php?id=CVE-2017-14844
26 Sep 2017 — Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter. WPGYM - WordPress Gym Management System de Mojoomla permite la inyección SQL mediante el parámetro id. • https://www.exploit-db.com/exploits/42801 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •