CVE-2025-3671
BaseFortify
Publication date: 2025-08-16
Last updated on: 2025-08-18
Assigner: Wordfence
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wordpress | wpgym | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability is a Local File Inclusion (LFI) in the WPGYM - Wordpress Gym Management System plugin for WordPress, affecting all versions up to 67.7.0. It occurs via the 'page' parameter, allowing authenticated users with Subscriber-level access or higher to include and execute arbitrary files on the server. This means attackers can run any PHP code contained in those files, potentially bypassing access controls, accessing sensitive data, or executing malicious code. The exploit can also be used to escalate privileges, such as updating Super Administrator passwords in Multisite environments.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized access to sensitive data, bypassing of access controls, and execution of arbitrary PHP code on the server. Attackers can escalate their privileges, for example by changing Super Administrator passwords in Multisite WordPress setups, which can lead to full control over the affected site and its data.