CRITICAL · CVE-2025-52717 · CVSS 9.3

WordPress LifterLMS plugin <= 8.0.6 - SQL Injection Vulnerability


Platform

wordpress

Component

lifterlms

Fixed in

8.0.7

AI Confidence: high · Source: NVD · EPSS 0.1% · Reviewed: May 2026

CVE-2025-52717 describes a SQL Injection vulnerability discovered in the LifterLMS WordPress plugin. This flaw allows attackers to inject malicious SQL code, potentially leading to unauthorized data access and manipulation. The vulnerability impacts versions from 0.0.0 through 8.0.6, and a patch is available in version 8.0.7.

WordPress


Impact and Attack Scenarios

Successful exploitation of this SQL Injection vulnerability could grant an attacker complete control over the LifterLMS database. This includes the ability to read, modify, or delete sensitive user data, course information, payment details, and other critical data stored within the plugin. Depending on the database structure and permissions, an attacker might also be able to gain access to other parts of the WordPress installation, leading to broader system compromise. The impact is particularly severe for organizations relying on LifterLMS for managing online courses and memberships, as a breach could result in significant data loss, reputational damage, and financial repercussions.

Exploitation Context

CVE-2025-52717 was publicly disclosed on 2025-06-27. While no public proof-of-concept (PoC) exploits have been widely reported, the CRITICAL severity and ease of SQL Injection exploitation suggest a high probability of exploitation. The vulnerability is not currently listed on CISA KEV, but its severity warrants close monitoring. Active campaigns targeting WordPress plugins are common, increasing the likelihood of this vulnerability being exploited in the wild.

Who Is at Risk

Organizations and individuals using the LifterLMS plugin for managing online courses and memberships are at risk. This includes educational institutions, businesses offering online training, and individual course creators. Those running older, unpatched versions of LifterLMS, particularly those with publicly accessible course registration forms, are at the highest risk.

Detection Steps

• wordpress / composer / npm:

grep -r "lifterlms_get_courses" /var/www/html/wp-content/plugins/

• wordpress / composer / npm:

wp plugin list --status=inactive | grep lifterlms

• wordpress / composer / npm:

wp plugin list | grep lifterlms
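The commands above only tell you whether the plugin is present. As an added example (not part of this advisory and not LifterLMS project code), the POSIX shell script below turns the detection step into a version check against the fixed release 8.0.7 from the advisory: it reads the installed version via WP-CLI or, failing that, from the plugin header, and reports whether the install sits inside the affected range 0.0.0 – 8.0.6. The default WordPress root /var/www/html and the main plugin file path lifterlms/lifterlms.php are assumptions, as is the hypothetical WP_ROOT environment variable used to override the root.

```shell
#!/bin/sh
# Added example, not from the advisory: classify an installed LifterLMS
# version against the CVE-2025-52717 fix (8.0.7, taken from the advisory).

FIXED_VERSION="8.0.7"

# version_lt A B : succeed (exit 0) when A < B.
# Compares up to four dot-separated numeric parts; missing parts count as 0,
# so "8" == "8.0.0". A leading "v" and any pre-release suffix such as
# "-beta" are stripped before comparison (so "8.0.7-beta" compares as 8.0.7).
version_lt() {
    a=$(printf '%s' "$1" | sed 's/^[vV]//; s/[^0-9.].*$//')
    b=$(printf '%s' "$2" | sed 's/^[vV]//; s/[^0-9.].*$//')
    i=1
    while [ "$i" -le 4 ]; do
        # Trailing dots guarantee that cut always sees a delimiter, so a
        # missing field yields "" instead of the whole string.
        pa=$(printf '%s' "${a}..." | cut -d. -f"$i")
        pb=$(printf '%s' "${b}..." | cut -d. -f"$i")
        pa=${pa:-0}
        pb=${pb:-0}
        if [ "$pa" -lt "$pb" ]; then return 0; fi
        if [ "$pa" -gt "$pb" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1   # versions are equal, so A is not less than B
}

# lifterlms_affected VERSION : succeed when VERSION is below the fixed release,
# i.e. inside the affected range 0.0.0 - 8.0.6.
lifterlms_affected() {
    version_lt "$1" "$FIXED_VERSION"
}

# installed_version : print the installed LifterLMS version. Prefers WP-CLI
# ("wp plugin get lifterlms --field=version"); otherwise reads the "Version:"
# header of the main plugin file. WP_ROOT (default /var/www/html) and the
# file path lifterlms/lifterlms.php are assumptions, not from the advisory.
installed_version() {
    root=${WP_ROOT:-/var/www/html}
    if command -v wp >/dev/null 2>&1; then
        wp plugin get lifterlms --field=version --path="$root" 2>/dev/null && return 0
    fi
    sed -n 's/^[[:space:]]*\*\{0,1\}[[:space:]]*Version:[[:space:]]*//p' \
        "$root/wp-content/plugins/lifterlms/lifterlms.php" 2>/dev/null | head -n 1
}

# check_version VERSION : human-readable verdict; exit 1 when affected,
# 2 when no version could be determined, 0 when at or above the fix.
check_version() {
    v=$1
    if [ -z "$v" ]; then
        echo "LifterLMS version could not be determined (plugin not installed?)" >&2
        return 2
    fi
    if lifterlms_affected "$v"; then
        echo "LifterLMS $v is below $FIXED_VERSION: affected by CVE-2025-52717, upgrade required"
        return 1
    fi
    echo "LifterLMS $v is at or above $FIXED_VERSION: not affected by CVE-2025-52717"
    return 0
}

# Usage: sh check_lifterlms.sh --installed   (inspect this host)
#        sh check_lifterlms.sh 8.0.6         (classify a given version string)
# With no argument the script only defines the functions above.
case "${1:-}" in
    "") ;;
    --installed) check_version "$(installed_version)" ;;
    *) check_version "$1" ;;
esac
```

The exit status makes the script usable from a fleet inventory job: a non-zero status flags hosts that still need the 8.0.7 upgrade, and the WP-CLI path is preferred because it reports the version WordPress actually loads rather than whatever file happens to be on disk.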

Attack Timeline

  1. Disclosure

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.06% (19th percentile)

CISA SSVC

Exploitation: none
Automatable: yes
Technical Impact: partial

CVSS Vector

THREAT INTELLIGENCE · CVSS 3.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Base score: 9.3 CRITICAL
Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit)
Privileges Required: None (authentication level required for the attack)
User Interaction: None (whether the victim must take action)
Scope: Changed (impact beyond the affected component)
Confidentiality: High (risk of exposure of sensitive data)
Integrity: None (risk of unauthorized data modification)
Availability: Low (risk of service disruption)
nextguardhq.com · CVSS v3.1 Base Score
What do these metrics mean?
Attack Vector
Network: exploitable remotely over the internet. No physical or local access required.
Attack Complexity
Low: no special conditions required. Reliably exploitable.
Privileges Required
None: no authentication required to exploit.
User Interaction
None: automatic and silent attack. The victim does nothing.
Scope
Changed: the attack can extend beyond the vulnerable component to other systems.
Confidentiality
High: complete loss of confidentiality. The attacker can read all data.
Integrity
None: no integrity impact.
Availability
Low: partial or intermittent denial of service.

Affected Software

Component: lifterlms
Vendor: chrisbadgett
Affected range: 0.0.0 – 8.0.6
Fixed in: 8.0.7

Package Information

Active installations: 10K (Popular)
Plugin rating: 4.8
Requires WordPress: 5.9+
Compatible up to: 7.0
Requires PHP: 7.4+

Weakness Classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated

Mitigation and Workarounds

The primary mitigation for CVE-2025-52717 is to immediately upgrade LifterLMS to version 8.0.7 or later. If upgrading is not immediately feasible due to compatibility issues or testing requirements, consider implementing temporary workarounds. These may include restricting access to vulnerable endpoints through a Web Application Firewall (WAF) or proxy server, implementing strict input validation on user-supplied data, and carefully reviewing database permissions to limit the potential impact of a successful attack. Monitor LifterLMS logs for suspicious SQL queries that could indicate an ongoing attack. After upgrading, confirm the fix by attempting a SQL injection attack on the vulnerable endpoint and verifying that it is properly sanitized.

How to Remediate

Update the LifterLMS plugin to version 8.0.7 or later to mitigate the SQL injection vulnerability. This update corrects how input data is handled, preventing the execution of malicious SQL code. Make sure to back up your website before updating the plugin.


Frequently Asked Questions

What is CVE-2025-52717 — SQL Injection in LifterLMS?

CVE-2025-52717 is a critical SQL Injection vulnerability affecting the LifterLMS WordPress plugin, allowing attackers to inject malicious SQL code and potentially access sensitive data.

Am I affected by CVE-2025-52717 in LifterLMS?

You are affected if you are using LifterLMS versions 0.0.0 through 8.0.6. Upgrade to version 8.0.7 or later to resolve the vulnerability.

How do I fix CVE-2025-52717 in LifterLMS?

The recommended fix is to upgrade LifterLMS to version 8.0.7 or later. If immediate upgrade is not possible, consider temporary workarounds like WAF rules and input validation.

Is CVE-2025-52717 being actively exploited?

While no widespread exploitation has been confirmed, the CRITICAL severity and ease of exploitation suggest a high probability of active exploitation.

Where can I find the official LifterLMS advisory for CVE-2025-52717?

Refer to the official LifterLMS website and WordPress plugin repository for the latest advisory and update information regarding CVE-2025-52717.
