CVE-2026-40474 | wger-project wger up to 2.4 Configuration config.change_gymconfig save access control

A vulnerability, which was classified as critical, was found in wger-project wger up to 2.4. This impacts the function Save of the file config.change_gymconfig of the component Configuration Handler. Such manipulation leads to improper access controls.

This vulnerability is documented as CVE-2026-40474. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More