{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-6080", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-13T17:08:37.410Z", "datePublished": "2025-08-16T03:38:50.216Z", "dateUpdated": "2026-04-08T16:59:57.053Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:57.053Z"}, "affected": [{"vendor": "dasinfomedia", "product": "WPGYM - Wordpress Gym Management System", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "67.7.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. This is due to the plugin not properly validating a user's capabilities prior to adding users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new users, including admins."}], "title": "WPGYM <= 67.7.0 - Missing Authorization to Admin Account Creation", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f853657-1801-4d63-89b8-b2132212a205?source=cve"}, {"url": "https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269 Improper Privilege Management", "cweId": "CWE-269", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "credits": [{"lang": "en", "type": "finder", "value": "Friderika Baranyai"}], "timeline": [{"time": "2025-08-15T14:55:07.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-18T13:36:43.579562Z", "id": "CVE-2025-6080", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-18T19:00:07.097Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6080", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-18T13:36:43.579562Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-18T13:36:46.116Z"}}], "cna": {"title": "WPGYM <= 67.7.0 - Missing Authorization to Admin Account Creation", "credits": [{"lang": "en", "type": "finder", "value": "Friderika Baranyai"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "affected": [{"vendor": "dasinfomedia", "product": "WPGYM - Wordpress Gym Management System", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "67.7.0"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-08-15T14:55:07.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f853657-1801-4d63-89b8-b2132212a205?source=cve"}, {"url": "https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964"}], "descriptions": [{"lang": "en", "value": "The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. This is due to the plugin not properly validating a user's capabilities prior to adding users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new users, including admins."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:59:57.053Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6080", "state": "PUBLISHED", "dateUpdated": "2026-04-08T16:59:57.053Z", "dateReserved": "2025-06-13T17:08:37.410Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-08-16T03:38:50.216Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. This is due to the plugin not properly validating a user's capabilities prior to adding users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new users, including admins."}, {"lang": "es", "value": "El complemento WPGYM - Wordpress Gym Management System para WordPress es vulnerable a la creaci\u00f3n no autorizada de cuentas de administrador en todas las versiones hasta la 67.7.0 incluida. Esto se debe a que el complemento no valida correctamente las capacidades de un usuario antes de a\u00f1adirlo. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, creen nuevos usuarios, incluidos administradores."}], "id": "CVE-2025-6080", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2025-08-16T04:15:58.867", "references": [{"source": "security@wordfence.com", "url": "https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6f853657-1801-4d63-89b8-b2132212a205?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-21T19:20:58.283101+00:00", "value": {"mitigation_remediation": ["Update the WPGYM plugin to version 67.7.1 or later to receive the official capability check fix.", "Restrict user creation permissions so that only administrators can add new accounts, either by reviewing WordPress role capabilities or by using a role\u2011management plugin.", "Review existing user accounts for unexpected administrator entries and remove any that were added without proper authorization."], "summary": {"action": "Patch Immediately", "impact": "Privilege Escalation via Unauthorized Admin Accounts"}, "threat_synthesis": {"affected_systems": "The flaw exists in the WPGYM \u2013 Wordpress Gym Management System plugin for WordPress versions up to and including 67.7.0. Users operating these versions should consider themselves at risk until they are upgraded.", "description_and_impact": "The vulnerability in the WPGYM plugin allows an authenticated user with Subscriber-level access to create new WordPress users, including administrators, because the plugin does not enforce proper capability checks before adding users. This oversight is a classic privilege escalation flaw (CWE-269) that can give an attacker full control over the site, enabling data exfiltration, site defacement, or further attacks. The impact is a compromise of confidentiality, integrity, and availability for the entire WordPress installation.", "risk_and_exploitability": "The vulnerability scores 8.8 on the CVSS scale, indicating a high severity. The EPSS score is below 1%, suggesting that exploitation is currently unlikely but still possible. The attacker must be authenticated and have at least Subscriber permissions, then can exploit the plugin\u2019s user-creation functionality to inject admin accounts. The vulnerability is not listed in the CISA KEV catalog, but given its high impact, it warrants immediate attention."}}}}, "created": "2026-04-21T19:30:06.083365+00:00", "updated": "2026-04-21T19:30:06.083375+00:00", "vendors": []}