The Daily Swig - ‘Unpatched’ Vulnerabilities in Wodify Fitness Management Platform Allow Attackers to Steal Gym Payments, Extract Member Data

Posted on Aug 13, 2021 11:58:34 AM

Bishop Fox security consultant Dardan Prebeza's recent advisory about serious vulnerabilities found in the Wodify gym management platform was featured in The Daily Swig.

Dardan unveiled that an authenticated attacker could read and modify all other users’ workouts data, extract PII, and eventually gain access to administrative accounts with the aim of financial gains. Wodify is used by more than 5,000 gyms globally and many CrossFit boxes in the U.S.

Read more here

Related Articles

Bleeping Computer: Bugs in Gym Management Software Let Hackers Change User Workout Results

ZDNet: Researchers Find Vulnerabilities in Wodify Gym Management Web Application Used with CrossFit

SC Media: Vulnerability Potentially Exposes the Sensitive Data of All Users of Wodify Fitness Platform

 

Topics:News

Comments

Submit a Media Request

Please get in touch with our PR Team for any press or PR related inquiries.

Email: contact@bishopfox.com

More...

Subscribe to Updates