Known Vulnerabilities for products from Churchcrm
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Churchcrm".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40593 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40582 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40581 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40485 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40484 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40483 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40482 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-40480 json | Not Provided | 2026-04-18 | 2026-04-20 | |
| CVE-2026-39941 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, an XSS vulnerability allows attacker-supplied input sen... | Not Provided | 2026-04-09 | 2026-04-14 |
| CVE-2026-39940 json | Not Provided | 2026-04-13 | 2026-04-16 | |
| CVE-2026-39344 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, there is a Reflected Cross-Site Scripting (XSS) vulnera... | Not Provided | 2026-04-07 | 2026-04-09 |
| CVE-2026-39343 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in the EditEventTy... | Not Provided | 2026-04-07 | 2026-04-10 |
| CVE-2026-39342 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with the Que... | Not Provided | 2026-04-07 | 2026-04-10 |
| CVE-2026-39341 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, the application is vulnerable to time-based SQL injecti... | Not Provided | 2026-04-07 | 2026-04-15 |
| CVE-2026-39340 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, a SQL injection vulnerability exists in PropertyTypeEdi... | Not Provided | 2026-04-07 | 2026-04-09 |
| CVE-2026-39339 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, a critical authentication bypass vulnerability in Chur... | Not Provided | 2026-04-07 | 2026-04-10 |
| CVE-2026-39338 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, a Blind Reflected Cross-Site Scripting vulnerability ex... | Not Provided | 2026-04-07 | 2026-04-15 |
| CVE-2026-39337 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vulne... | Not Provided | 2026-04-07 | 2026-04-10 |
| CVE-2026-39336 json | ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting issue affects the Directo... | Not Provided | 2026-04-07 | 2026-04-10 |
| CVE-2026-39335 json | ChurchCRM is an open-source church management system. Prior to 7.1.1, there is Stored XSS in group remove control and family ... | Not Provided | 2026-04-07 | 2026-04-09 |