CVE-2025-52833

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS lms allows SQL Injection.This issue affects LMS: from n/a through <= 9.2.

CVSS

No CVSS.

References

Link	Resource
https://patchstack.com/database/Wordpress/Theme/lms/vulnerability/wordpress-lms-9-1-sql-injection-vulnerability?_s_id=cve

Configurations

No configuration.

History

01 Apr 2026, 17:25

Type	Values Removed	Values Added
References	~~{'url': 'https://patchstack.com/database/wordpress/theme/lms/vulnerability/wordpress-lms-9-1-sql-injection-vulnerability?_s_id=cve', 'source': 'audit@patchstack.com'}~~	() https://patchstack.com/database/Wordpress/Theme/lms/vulnerability/wordpress-lms-9-1-sql-injection-vulnerability?_s_id=cve -
Summary	~~(en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS allows SQL Injection. This issue affects LMS: from n/a through 9.1.~~	(en) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS lms allows SQL Injection.This issue affects LMS: from n/a through <= 9.2.
CVSS	v2 : ~~unknown~~ v3 : ~~9.3~~	v2 : unknown v3 : unknown

08 Jul 2025, 16:18

Type	Values Removed	Values Added
Summary		(es) La vulnerabilidad de neutralización incorrecta de elementos especiales utilizados en un comando SQL ('Inyección SQL') en designthemes LMS permite la inyección SQL. Este problema afecta a LMS desde n/d hasta la versión 9.1.

04 Jul 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-04 12:15

Updated : 2026-04-01 17:25

NVD link : CVE-2025-52833

Mitre link : CVE-2025-52833

CVE.ORG link : CVE-2025-52833

JSON object : View

Products Affected

No product.

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

JSON object

Attach tags to CVE-2025-52833

Attach tags to `CVE-2025-52833`