This page collects WhisperX intelligence signals tagged #ChurchCRM. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical SQL injection vulnerability has been publicly disclosed in ChurchCRM version 4.4.5, exposing the church management software's database to potential compromise. The flaw resides in the `/churchcrm/WhyCameEditor.php` endpoint, specifically within the `PersonID` parameter. The vulnerability is exploitable by an...
A critical improper authentication vulnerability has been identified in ChurchCRM, an open-source church management software platform. Tracked as CVE-2026-44547 and classified as CWE-287, the flaw carries a CVSS score of 9.6, placing it in the critical severity range. The vulnerability affects versions 7.2.0 through 7....