CVE-2025-7442 | WPGYM Plugin up to 67.7.x on WordPress sql injection

July 11, 2025 Yanac

A vulnerability was found in WPGYM Plugin up to 67.7.x on WordPress. It has been rated as critical. This issue affects the function MJ_gmgt_delete_class_limit_for_member/MJ_gmgt_get_yearly_income_expense/MJ_gmgt_get_monthly_income_expense/MJ_gmgt_add_class_limit/MJ_gmgt_view_meeting_detail/MJ_gmgt_create_meeting. The manipulation leads to sql injection.

The identification of this vulnerability is CVE-2025-7442. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More