Platform: wordpress
Component: wpgym
Fixed in: 67.7.1
CVE-2025-3671 is a Privilege Escalation vulnerability discovered in the WPGYM WordPress Gym Management System plugin. This flaw allows authenticated attackers with Subscriber-level access or higher to exploit a Local File Inclusion (LFI) vulnerability. Successful exploitation could lead to arbitrary file execution and compromise of the WordPress site, impacting all users of vulnerable installations.
The primary impact of CVE-2025-3671 is the potential for an attacker to gain unauthorized code execution on the WordPress server. By manipulating the 'page' parameter, an attacker can include and execute arbitrary files, effectively bypassing access controls. This could allow them to steal sensitive data, modify website content, install malicious code, or even take complete control of the server. The ability to chain this LFI exploit with uploaded files (images, etc.) significantly expands the attack surface, as attackers can leverage these files to execute PHP code. This vulnerability shares similarities with other LFI exploits where file inclusion is used to achieve code execution.
CVE-2025-3671 was publicly disclosed on 2025-08-16. While no public proof-of-concept (PoC) code has been released, the vulnerability's nature and ease of exploitation suggest a moderate probability of exploitation. The EPSS score is likely to be medium, reflecting the potential for widespread exploitation given the popularity of WordPress and the plugin's functionality. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns.
WordPress websites utilizing the WPGYM plugin, particularly those with Subscriber-level users or higher, are at risk. Shared hosting environments where multiple WordPress installations share the same server resources are also at increased risk, as a compromise of one site could potentially lead to the compromise of others. Legacy configurations with outdated WordPress versions or plugins may be more vulnerable.
• wordpress / composer / npm:
grep -r "page=../../../../" /var/www/html/wp-content/plugins/wpgym/
• wordpress / composer / npm:
wp plugin list --status=inactive | grep wpgym
• wordpress / composer / npm:
wp plugin update wpgym
• generic web: Check WordPress error logs for attempts to access files outside the intended directory structure, specifically related to the 'page' parameter.
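The log check above can be scripted. The following is an added example, not part of this advisory or of the WPGYM plugin: it parses constructed Apache-style access-log lines, decodes every `page` query value and flags traversal sequences, absolute paths, null bytes, or any slug outside a hypothetical allowlist of the plugin's admin pages (the slugs, hosts and paths in the sample are made up).

```python
import re
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample log lines (hypothetical IPs, paths and page slugs).
SAMPLE_LOG = """\
203.0.113.5 - - [16/Aug/2025:10:01:02 +0000] "GET /wp-admin/admin.php?page=wpgym_members HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [16/Aug/2025:10:02:15 +0000] "GET /wp-admin/admin.php?page=../../../../wp-config.php HTTP/1.1" 200 812 "-" "curl/8.0"
203.0.113.9 - - [16/Aug/2025:10:02:40 +0000] "GET /wp-admin/admin.php?page=..%2F..%2Fwp-content%2Fuploads%2Fimg.jpg HTTP/1.1" 200 2048 "-" "curl/8.0"
198.51.100.2 - - [16/Aug/2025:10:03:01 +0000] "GET /wp-admin/admin.php?page=wpgym_schedule&tab=2 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Combined-log-format request line: client IP, timestamp, method, target, status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Hypothetical allowlist; a real deployment takes these from the pages the plugin registers.
ALLOWED_PAGES = {"wpgym_members", "wpgym_schedule"}


def page_values(target):
    """Return every decoded 'page' query value from a request target."""
    values = parse_qs(urlparse(target).query, keep_blank_values=True).get("page", [])
    # parse_qs decodes once; a second decode exposes double-encoded traversal.
    return [unquote(v) for v in values]


def is_suspicious(value):
    """Traversal, absolute paths, null bytes, or an unknown slug are all flagged."""
    if ".." in value or value.startswith("/") or "\x00" in value:
        return True
    return value not in ALLOWED_PAGES


def scan_log(text):
    """Return (client_ip, status, page_value) for every suspicious request."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        for v in page_values(m.group("target")):
            if is_suspicious(v):
                findings.append((m.group("ip"), m.group("status"), v))
    return findings


if __name__ == "__main__":
    for ip, status, v in scan_log(SAMPLE_LOG):
        print(f"{ip} status={status} page={v!r}")
```

A 200 status on a flagged request is the line worth investigating first, since it suggests the inclusion succeeded rather than being rejected.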
Disclosure
Exploit status
EPSS: 0.18% (39th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-3671 is to upgrade the WPGYM plugin to a version that addresses the vulnerability. As of the publication date, a patched version is expected to be released by the plugin developers. Until a patch is available, consider implementing temporary workarounds such as restricting file upload types to prevent attackers from uploading malicious PHP files. Web Application Firewalls (WAFs) configured to detect and block LFI attempts can also provide an additional layer of protection. After upgrading, verify the fix by attempting to access the vulnerable endpoint with a manipulated 'page' parameter and confirming that the server denies the request.
Update the WPGYM plugin to the latest available version to mitigate the local file inclusion vulnerability. Check the plugin's official sources (Wordfence, CodeCanyon) for the updated version and installation instructions. Consider implementing additional security measures, such as restricting access to sensitive files and validating user input.
CVE-2025-3671 is a vulnerability allowing authenticated attackers to execute arbitrary files on a WordPress server using the WPGYM plugin, potentially leading to code execution.
If you are using the WPGYM WordPress Gym Management System plugin in versions 0.0.0–67.7.0, you are potentially affected by this vulnerability.
Upgrade the WPGYM plugin to a patched version as soon as it becomes available. Until then, consider temporary workarounds like restricting file uploads.
While no public exploits are currently known, the vulnerability's nature suggests a moderate probability of exploitation. Monitor security advisories for updates.
Refer to the WPGYM plugin developer's website or WordPress plugin repository for the official advisory and patch release.