SQL Injection Vulnerability in WPLMS by VibeThemes

CVE-2024-56047

What is CVE-2024-56047?

An SQL Injection vulnerability exists in WPLMS developed by VibeThemes, allowing malicious actors to execute arbitrary SQL commands through improperly sanitized input. This flaw impacts all versions of WPLMS prior to 1.9.9.5.3. Exploiting this weakness could lead to data exposure or alteration, compromising the integrity and confidentiality of the database. Users are strongly advised to update to the latest version to mitigate potential risks.

References