VYPR
High severity8.5NVD Advisory· Published Oct 31, 2023· Updated Apr 28, 2026

CVE-2023-28777

CVE-2023-28777

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LearnDash LearnDash LMS allows SQL Injection.This issue affects LearnDash LMS: from n/a through 4.5.3.

Affected products

2
  • cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:*+ 1 more
    • cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:*range: <=4.5.3
    • (no CPE)range: <=4.5.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.