{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T09:52:09.208","vulnerabilities":[{"cve":{"id":"CVE-2025-6080","sourceIdentifier":"security@wordfence.com","published":"2025-08-16T04:15:58.867","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to unauthorized admin account creation in all versions up to, and including, 67.7.0. This is due to the plugin not properly validating a user's capabilities prior to adding users. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create new users, including admins."},{"lang":"es","value":"El complemento WPGYM - Wordpress Gym Management System para WordPress es vulnerable a la creación no autorizada de cuentas de administrador en todas las versiones hasta la 67.7.0 incluida. Esto se debe a que el complemento no valida correctamente las capacidades de un usuario antes de añadirlo. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, creen nuevos usuarios, incluidos administradores."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://codecanyon.net/item/-wpgym-wordpress-gym-management-system/13352964","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/6f853657-1801-4d63-89b8-b2132212a205?source=cve","source":"security@wordfence.com"}]}}]}