Known Vulnerabilities for products from Wger
Listed below are 5 of the newest known vulnerabilities associated with the vendor "Wger".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40474 json | wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permissi... | Not Provided | 2026-04-17 | 2026-04-24 |
| CVE-2026-40353 json | wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the attribution_link property in Abstract... | Not Provided | 2026-04-17 | 2026-04-24 |
| CVE-2023-38759 json | Cross Site Request Forgery (CSRF) vulnerability in wger Project wger Workout Manager 2.2.0a3 allows a remote attacker to gain... | 8.8 - HIGH | 2023-08-08 | 2023-08-11 |
| CVE-2023-38758 json | Cross Site Scripting vulnerability in wger Project wger Workout Manager v.2.2.0a3 allows a remote attacker to gain privileges... | 5.4 - MEDIUM | 2023-08-08 | 2023-08-11 |
| CVE-2022-2650 json | Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2. | 9.8 - CRITICAL | 2022-11-24 | 2022-11-30 |