Dasinfomedia Wpgym - Wordpress Gym Management System

6 CVEs affecting Dasinfomedia Wpgym - Wordpress Gym Management System. Latest disclosed: 2025-09-10. Critical: 1, High: 5.

Top CVEs affecting Dasinfomedia Wpgym - Wordpress Gym Management System
CVESeverityScorePublishedSummary
CVE-2024-9942Critical9.82024-11-23The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the MJ_gmgt_use…
CVE-2025-7049High8.82025-09-10The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 67.7.0 via the 'MJ…
CVE-2025-6080High8.82025-08-16The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67…
CVE-2025-3671High8.82025-08-16The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 67.7.0 via the 'pa…
CVE-2024-9941High8.82024-11-23The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_sta…
CVE-2025-7442High7.52025-07-11The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to SQL Injection via several parameters in the MJ_gmgt_delete_class_limit_for_me…