cleantalk
Vulnerabilities and Security Researches

MasterStudy LMS WordPress Plugin – for Online Courses and Education, CVE-2025-64366

CVE, Research URL

CVE-2025-64366

Home page URL

Security reports for MasterStudy LMS WordPress Plugin – for Online Courses and Education

Application

MasterStudy LMS WordPress Plugin – for Online Courses and Education

Published on
Oct 31, 2025
Research Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Blind SQL Injection.This issue affects MasterStudy LMS: from n/a through <= 3.6.27.
Affected versions
max 3.6.27.
Status
vulnerable
Previous vulnerability researches
Simple Downloads List (CVE-2025-12583) , Nov 11, 2025
Simple Downloads List (CVE-2024-13594) , Jan 26, 2025
New vulnerability
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (CVE-2025-62006) , Nov 11, 2025
Ai Auto Tool Content Writing Assistant (Bard Writer, ChatGPT ) All in One (CVE-2025-12156) , Nov 11, 2025
Whydonate &#8211; FREE Donate button &#8211; Crowdfunding &#8211; Fundraising (CVE-2025-10186) , Nov 11, 2025
Whydonate &#8211; FREE Donate button &#8211; Crowdfunding &#8211; Fundraising (CVE-2025-49899) , Nov 11, 2025
WP Popup Builder &#8211; Popup Forms and Marketing Lead Generation (CVE-2025-62902) , Nov 11, 2025