MasterStudy LMS WordPress Plugin – for Online Courses and Education, CVE-2025-64366

CVE, Research URL: CVE-2025-64366
Home page URL: Security reports for MasterStudy LMS WordPress Plugin – for Online Courses and Education
Application: MasterStudy LMS WordPress Plugin – for Online Courses and Education
Published on: Oct 31, 2025
Research Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.This issue affects MasterStudy LMS: from n/a through <= 3.6.27.
Affected versions: max 3.6.27.
Status: vulnerable