cleantalk
Vulnerabilities and Security Researches

WP Club Manager – WordPress Sports Club Plugin, CVE-2024-1177

CVE, Research URL

CVE-2024-1177

Home page URL

Security reports for WP Club Manager – WordPress Sports Club Plugin

Application

WP Club Manager – WordPress Sports Club Plugin

Published on
Feb 06, 2024
Research Description
The WP Club Manager – WordPress Sports Club Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the settings_save() function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to update the permalink structure for the clubs
Affected versions
Min -, max 2.2.11.
Status
vulnerable
Previous vulnerability researches
WP Club Manager – WordPress Sports Club Plugin (CVE-2024-1177) , Jun 06, 2024
WP Club Manager – WordPress Sports Club Plugin (CVE-2024-32566) , Jun 06, 2024
WP Club Manager – WordPress Sports Club Plugin (CVE-2024-32719) , Jun 06, 2024
New vulnerability
SMS Alert Order Notifications – WooCommerce (CVE-2025-3876) , May 11, 2025
SMS Alert Order Notifications – WooCommerce (CVE-2025-3878) , May 11, 2025
WordPress Review Plugin: The Ultimate Solution for Building a Review Website (CVE-2025-2158) , May 11, 2025
Drag and Drop Multiple File Upload for WooCommerce (CVE-2025-4403) , May 11, 2025
Contact Us By Lord Linus (CVE-2025-1382) , May 11, 2025