The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_staff_member() function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to create new user accounts with the administrator role.
History

Tue, 26 Nov 2024 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Mojoomla
Mojoomla wordpress Gym Management System
Weaknesses CWE-862
CPEs cpe:2.3:a:mojoomla:wordpress_gym_management_system:*:*:*:*:*:wordpress:*:*
Vendors & Products Mojoomla
Mojoomla wordpress Gym Management System

Sun, 24 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Dasinfomedia
Dasinfomedia wpgym Gym Management System
CPEs cpe:2.3:a:dasinfomedia:wpgym_gym_management_system:-:*:*:*:*:wordpress:*:*
Vendors & Products Dasinfomedia
Dasinfomedia wpgym Gym Management System
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sat, 23 Nov 2024 07:45:00 +0000

Type Values Removed Values Added
Description The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the MJ_gmgt_add_staff_member() function in all versions up to, and including, 67.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to create new user accounts with the administrator role.
Title WPGYM <= 67.1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
Weaknesses CWE-269
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2024-11-23T07:38:07.184Z

Updated: 2024-11-24T18:28:30.187Z

Reserved: 2024-10-14T16:13:58.081Z

Link: CVE-2024-9941

cve-icon Vulnrichment

Updated: 2024-11-24T18:28:26.259Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-23T08:15:04.197

Modified: 2024-11-26T19:37:15.283

Link: CVE-2024-9941

cve-icon Redhat

No data.