SQL Injection Vulnerability in LBG Zoominoutslider by LambertGroup
CVE-2025-68056

Currently unrated

Key Information:

Vendor

WordPress
Status
Lbg Zoominoutslider
Vendor
CVE Published:
16 December 2025

What is CVE-2025-68056?

The LBG Zoominoutslider plugin by LambertGroup contains a vulnerability that allows attackers to perform SQL injection attacks. This vulnerability arises due to improper handling of special elements in SQL commands, which can lead to unauthorized database access and manipulation. Affected versions of this plugin include all versions up to 5.4.5. Users of the LBG Zoominoutslider plugin are advised to update to the latest version to safeguard their installations against potential exploits.

Affected Version(s)

LBG Zoominoutslider <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/lbg_...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

João Pedro S Alcântara (Kinorth) | Patchstack Bug Bounty Program
JSON
.
CVE-2025-68056 : SQL Injection Vulnerability in LBG Zoominoutslider by LambertGroup