High 8.8 Unfixed
2025-09-10≤ 67.7.0
WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Privilege Escalation via Account Takeover
WPGYM
Minimum safe version
67.8.0
Update to 67.8.0 or later to address 4 fixable vulnerabilities
Affected up to100 ⚠⚠ 5 vulnerabilities have no fix
High 8.8 Unfixed
2025-08-16≤ 67.7.0
WPGYM <= 67.7.0 - Missing Authorization to Admin Account Creation
High 8.8 Unfixed
2025-08-16≤ 67.7.0
WPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update
High 8.5 Unfixed
2025-07-16≤ 65.0
WordPress WPGYM plugin <= 65.0 - SQL Injection vulnerability
High 7.5
2025-07-11< 67.8.0
WPGYM - Wordpress Gym Management System < 67.8.0 - Unauthenticated SQL Injection
High 7.5 Unfixed
2025-06-17≤ 65.0
WordPress WPGYM <= 65.0 - Local File Inclusion Vulnerability
Critical 9.3
2025-05-16< 67.8.0
CVE-2025-32643
High 8.8
2024-11-25< 67.2.0
WordPress WPGYM Plugin <= 67.1.0 is vulnerable to Broken Access Control
Critical 9.8
2024-11-23< 67.2.0
CVE-2024-9942
High 8.8
2017-09-27≤ 100
CVE-2017-14844