CVE-2025-52717 – This SQL injection vulnerability in the LifterL... (How to Fix)

Q: What is the severity of CVE-2025-52717?

CVE-2025-52717 has a CVSS score of 9.3 (CRITICAL). This SQL injection vulnerability in the LifterLMS WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It affects all LifterLMS installations from unknown versions through 8.0.6. Successful exploitation could lead to data theft, modification, or deletion.

📋 TL;DR

This SQL injection vulnerability in the LifterLMS WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It affects all LifterLMS installations from unknown versions through 8.0.6. Successful exploitation could lead to data theft, modification, or deletion.

💻 Affected Systems

Products:

LifterLMS WordPress plugin

Versions: n/a through 8.0.6

Operating Systems: Any OS running WordPress

Default Config Vulnerable: ⚠️ Yes

Notes: All WordPress installations using vulnerable LifterLMS versions are affected regardless of configuration.

📦 What is this software?

Lifterlms by Lifterlms

View all CVEs affecting Lifterlms →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including sensitive user data exfiltration, privilege escalation, and potential remote code execution via database functions.

🟠

Likely Case

Unauthorized data access, user information theft, and potential site defacement or content manipulation.

🟢

If Mitigated

Limited impact with proper input validation and database user privilege restrictions.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

SQL injection vulnerabilities are commonly weaponized. The Patchstack reference suggests technical details are available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 8.0.7 or later

Vendor Advisory: https://patchstack.com/database/wordpress/plugin/lifterlms/vulnerability/wordpress-lifterlms-8-0-6-sql-injection-vulnerability?_s_id=cve

Restart Required: No

Instructions:

1. Log into WordPress admin panel. 2. Navigate to Plugins → Installed Plugins. 3. Find LifterLMS and click 'Update Now'. 4. Verify version is 8.0.7 or higher.

🔧 Temporary Workarounds

Temporary Plugin Deactivation

all

Disable LifterLMS plugin until patched

wp plugin deactivate lifterlms

Web Application Firewall Rules

all

Implement WAF rules to block SQL injection patterns

🧯 If You Can't Patch

Implement strict input validation and parameterized queries in custom code
Restrict database user permissions to minimum required

🔍 How to Verify

Check if Vulnerable:

Check LifterLMS plugin version in WordPress admin under Plugins → Installed Plugins

Check Version:

wp plugin list --name=lifterlms --field=version

Verify Fix Applied:

Confirm LifterLMS version is 8.0.7 or higher in WordPress admin

📡 Detection & Monitoring

Log Indicators:

Unusual SQL error messages in WordPress debug logs
Multiple failed SQL queries from single IP
Unexpected database queries containing LifterLMS tables

Network Indicators:

HTTP requests with SQL syntax in parameters
Unusual traffic patterns to LifterLMS endpoints

SIEM Query:

source="wordpress.log" AND ("SQL syntax" OR "database error" OR "lifterlms")

📊 Metadata

CVE ID: CVE-2025-52717

CVSS v3 Score: 9.3 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L

CWE: CWE-89

EPSS Score: 0.04% exploit probability (11.3th percentile)

Published: June 27, 2025

Last Updated: July 11, 2025

🔗 References

https://patchstack.com/database/wordpress/plugin/lifterlms/vulnerability/wordpress-lifterlms-8-0-6-sql-injection-vulnerability?_s_id=cve Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-52717, you might also want to check these: