CVE-2024-56042
CRITICAL WAF: High
CVSS 9.8
Published: 2024-12-31
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows SQL Injection.This issue affects WPLMS: from n/a before 1.9.9.5.3.
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| vibethemes | wordpress_learning_management_system | up to 1.9.9.5.3 |
References
- patchstack.com (Third Party Advisory)