Platform: wordpress
Component: lifterlms
Fixed in: 8.0.7
CVE-2025-52717 is a SQL Injection vulnerability in the LifterLMS WordPress plugin. Untrusted input reaches a database query without proper parameterisation, so an attacker can alter the query's structure and read or change data the query was never meant to touch. All releases up to and including 8.0.6 are affected (the advisory lists the range as 0.0.0 through 8.0.6); the fix ships in version 8.0.7.
A plugin-level SQL injection runs with the privileges of the site's database user, and LifterLMS keeps its data in the same database as WordPress core. Successful exploitation therefore exposes more than the plugin's own tables: besides student enrolments, course content, and order and membership records, an attacker could read or modify core tables such as wp_users and wp_options, which is usually enough to take over the whole site (password hashes, administrator accounts, site configuration). The impact is particularly severe for organisations that run paid courses or memberships on LifterLMS, where a breach means loss or tampering of customer and revenue data, reputational damage, and possible regulatory consequences.
CVE-2025-52717 was publicly disclosed on 2025-06-27. No public proof-of-concept (PoC) has been widely reported, and the EPSS estimate on this page (0.06%, 19th percentile) reflects that: there is no evidence yet of exploitation in the wild, and the vulnerability is not listed in CISA KEV. Treat that as a snapshot rather than reassurance. SQL injection in a WordPress plugin is a well-understood bug class, the fixing commit is public, and unauthenticated WordPress plugin flaws are routinely mass-scanned within days of disclosure, so the window before opportunistic exploitation is typically short.
Exploit Status
EPSS: 0.06% (19th percentile)
The primary mitigation for CVE-2025-52717 is to upgrade LifterLMS to version 8.0.7 or later without delay. If the upgrade has to wait for compatibility testing, reduce exposure in the meantime: put a Web Application Firewall (WAF) with SQL injection rules in front of the site (this is virtual patching, not a fix, and the advisory does not name the vulnerable parameter, so do not rely on a narrow rule), and check that the WordPress database user holds only the privileges the site needs (no FILE, no GRANT, no access to other schemas) so that a successful injection cannot reach further than the WordPress database itself. Review web server and WAF logs for requests whose parameters contain SQL syntax (UNION SELECT, SLEEP(, quote-and-comment tails); LifterLMS itself does not log the queries it runs. After upgrading, confirm the installed version from the Plugins screen or with `wp plugin get lifterlms --field=version` and verify it reads 8.0.7 or later; testing the fix with injection payloads is only appropriate on a staging copy, since the vulnerable endpoint is not identified here.
Update the LifterLMS plugin to version 8.0.7 or later to remediate the SQL Injection vulnerability. The update corrects how user-supplied input is handled before it reaches the database query, so crafted input can no longer change the query's structure. Back up the site (files and database) before updating the plugin.
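The two checks above, deciding whether an installed LifterLMS is below the fixed release and triaging access-log lines for injection attempts, are small enough to script. The following Python is an added example written for this page, not code from LifterLMS or from the advisory. It assumes the usual WordPress layout, where the plugin's version is declared in the file header of `wp-content/plugins/lifterlms/lifterlms.php`, and it uses constructed sample data: a header block and five access-log lines in combined log format. The request paths in the samples are made up for illustration and do not indicate which endpoint is vulnerable; the indicators are generic SQL injection heuristics, which is all the advisory supports.

```python
import re
from urllib.parse import unquote_plus

# First release that fixes CVE-2025-52717, per the advisory above.
FIXED_VERSION = "8.0.7"

# Constructed sample: the header of wp-content/plugins/lifterlms/lifterlms.php
# on an unpatched site (field layout follows the WordPress plugin header format).
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: LifterLMS
 * Plugin URI: https://lifterlms.com/
 * Description: Complete e-learning platform for WordPress.
 * Version: 8.0.6
 * Author: LifterLMS
 */
"""

# Constructed sample access log (combined log format). Paths are illustrative only.
SAMPLE_ACCESS_LOG = """\
203.0.113.10 - - [27/Jun/2025:10:01:02 +0000] "GET /courses/?s=security&paged=2 HTTP/1.1" 200 9311
203.0.113.10 - - [27/Jun/2025:10:01:09 +0000] "GET /courses/?s=10%20UNION%20SELECT%20user_login%2Cuser_pass%20FROM%20wp_users-- HTTP/1.1" 200 880
198.51.100.7 - - [27/Jun/2025:10:02:15 +0000] "GET /wp-admin/admin-ajax.php?action=example&id=42 HTTP/1.1" 200 120
198.51.100.7 - - [27/Jun/2025:10:02:40 +0000] "GET /courses/?s=x%27%20AND%20SLEEP(5)-- HTTP/1.1" 200 9311
198.51.100.7 - - [27/Jun/2025:10:02:58 +0000] "GET /wp-admin/admin-ajax.php?action=example&id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 4410
"""


def parse_version(v):
    """Turn '8.0.6' or '8.0.7-rc.1' into a comparable tuple of ints (pre-release tags ignored)."""
    m = re.match(r"(\d+(?:\.\d+)*)", v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def plugin_version_from_header(text):
    """Read the 'Version:' field from a WordPress plugin file header."""
    m = re.search(r"^\s*\*?\s*Version:\s*(\S+)", text, re.MULTILINE)
    if not m:
        raise ValueError("no Version: line in plugin header")
    return m.group(1)


def is_affected(version, fixed=FIXED_VERSION):
    """True when the installed version is older than the first fixed release."""
    return parse_version(version) < parse_version(fixed)


# Coarse SQL injection indicators, applied to the URL-decoded request target.
# Generic by design: the advisory does not identify the vulnerable parameter.
SQLI_PATTERNS = [
    ("union_select", re.compile(r"\bunion\b[\s/*]+(?:all[\s/*]+)?select\b", re.I)),
    ("time_based", re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(", re.I)),
    ("tautology", re.compile(r"\b(?:or|and)\s+['\"]?\d+['\"]?\s*=\s*['\"]?\d", re.I)),
    ("schema_probe", re.compile(r"\binformation_schema\b", re.I)),
    ("comment_tail", re.compile(r"(?:--|#|/\*)\s*$")),
]


def extract_target(log_line):
    """Pull the request target out of a combined-log-format line and URL-decode it."""
    m = re.search(r'"(?:GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS)\s+(\S+)\s+HTTP/', log_line)
    return unquote_plus(m.group(1)) if m else ""


def suspicious_request(log_line):
    """Names of the indicators that fire on one log line (empty list when none do)."""
    target = extract_target(log_line)
    return [name for name, rx in SQLI_PATTERNS if rx.search(target)]


def triage_access_log(text):
    """Return (line_number, decoded_target, indicators) for every line that trips an indicator."""
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        names = suspicious_request(line)
        if names:
            hits.append((n, extract_target(line), names))
    return hits


if __name__ == "__main__":
    installed = plugin_version_from_header(SAMPLE_PLUGIN_HEADER)
    status = "AFFECTED, upgrade to " + FIXED_VERSION if is_affected(installed) else "not affected"
    print(f"LifterLMS {installed}: {status}")
    for n, target, names in triage_access_log(SAMPLE_ACCESS_LOG):
        print(f"line {n}: {', '.join(names)}: {target}")
```

Version comparison is done on integer tuples rather than string comparison so that 8.0.10 sorts above 8.0.7; pre-release suffixes are dropped, which is conservative in the wrong direction for an 8.0.7 release candidate, so treat anything that is not a plain release as unverified. The log heuristics will miss encodings they do not decode (double URL-encoding, inline comments between keywords) and will occasionally flag legitimate search terms, so use them to prioritise review, not as a verdict.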
CVE-2025-52717 is a critical SQL Injection vulnerability affecting the LifterLMS WordPress plugin, allowing attackers to inject malicious SQL code and potentially access sensitive data.
You are affected if you are using LifterLMS versions 0.0.0 through 8.0.6. Upgrade to version 8.0.7 or later to resolve the vulnerability.
The recommended fix is to upgrade LifterLMS to version 8.0.7 or later. If immediate upgrade is not possible, consider temporary workarounds like WAF rules and input validation.
No in-the-wild exploitation has been confirmed and the current EPSS estimate is low, but the vulnerability is rated CRITICAL, SQL injection is straightforward to exploit once the vulnerable parameter is known, and WordPress plugin flaws are routinely mass-scanned after disclosure, so unpatched sites should expect attempts.
Refer to the official LifterLMS website and WordPress plugin repository for the latest advisory and update information regarding CVE-2025-52717.