Skip to main content

CoSchool LMS CVE-2025-60239

HIGH
SQL Injection (CWE-89)
2025-11-06 audit@patchstack.com
8.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

5
Analysis Updated
Apr 24, 2026 - 00:28 vuln.today
v3 (cvss_changed)
Analysis Updated
Apr 24, 2026 - 00:27 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Apr 23, 2026 - 15:43 vuln.today
cvss_changed
Analysis Generated
Mar 28, 2026 - 19:20 vuln.today
CVE Published
Nov 06, 2025 - 16:16 nvd
HIGH 8.5

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codexpert, Inc CoSchool LMS coschool allows Blind SQL Injection.This issue affects CoSchool LMS: from n/a through <= 1.4.3.

AnalysisAI

Blind SQL injection in CoSchool LMS WordPress plugin through version 1.4.3 allows authenticated attackers with low-level privileges to extract sensitive database contents and potentially cause service disruption. The vulnerability is exploitable remotely with low attack complexity and enables scope escalation beyond the plugin's intended permissions. Currently showing low exploitation probability (EPSS 6th percentile), with no confirmed active exploitation or public exploit code.

Technical ContextAI

CoSchool LMS is a WordPress learning management system plugin developed by Codexpert, Inc. The vulnerability stems from CWE-89 (SQL Injection), where the plugin fails to properly sanitize user-supplied input before incorporating it into SQL queries. The blind SQL injection variant means attackers cannot directly see query results but can infer database content through timing attacks, error-based responses, or boolean conditions. The WordPress plugin architecture runs with database privileges of the wp-config.php configured user, typically granting access to all WordPress tables including user credentials, posts, and plugin-specific learning management data. The CVSS scope change (S:C) indicates the vulnerability allows attackers to impact resources beyond the plugin's authorization boundary, likely accessing data from other WordPress components or plugins sharing the same database.

Affected ProductsAI

CoSchool LMS WordPress plugin versions from unknown starting point through version 1.4.3 inclusive, developed by Codexpert, Inc. Vulnerability affects all WordPress installations running these plugin versions regardless of WordPress core version. Patchstack advisory available at https://patchstack.com/database/Wordpress/Plugin/coschool/vulnerability/wordpress-coschool-lms-plugin-1-4-3-sql-injection-vulnerability?_s_id=cve provides additional details. CPE data not available in NVD record at time of analysis.

RemediationAI

Upgrade CoSchool LMS plugin to version 1.4.4 or later if available (check WordPress plugin repository or vendor directly, as patch version not independently confirmed from provided data). Access Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/coschool/vulnerability/wordpress-coschool-lms-plugin-1-4-3-sql-injection-vulnerability?_s_id=cve for vendor-specific remediation guidance. If immediate patching is not feasible, implement compensating controls: restrict user registration to prevent untrusted account creation, audit existing low-privilege user accounts for suspicious activity, enable WordPress database query logging to detect blind SQL injection attempts through timing patterns, deploy web application firewall (WAF) rules to detect SQL injection payloads in plugin parameters (may cause false positives requiring tuning), consider temporarily disabling the plugin if LMS functionality is non-critical (disrupts learning platform operations). Database-level restrictions such as read-only credentials for the WordPress user would break core functionality. Monitor WordPress admin access logs for privilege escalation attempts following potential data exfiltration.

Share

CVE-2025-60239 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy