Skip to main content

LBG Zoominoutslider CVE-2025-68056

HIGH
SQL Injection (CWE-89)
2025-12-16 audit@patchstack.com
8.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
None
Availability
Low

Lifecycle Timeline

4
Analysis Updated
Apr 24, 2026 - 00:18 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Apr 23, 2026 - 15:43 vuln.today
cvss_changed
Analysis Generated
Apr 01, 2026 - 15:22 vuln.today
CVE Published
Dec 16, 2025 - 09:16 nvd
HIGH 8.5

DescriptionCVE.org

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LambertGroup LBG Zoominoutslider lbg_zoominoutslider allows SQL Injection.This issue affects LBG Zoominoutslider: from n/a through <= 5.4.4.

AnalysisAI

SQL injection in LBG Zoominoutslider WordPress plugin versions through 5.4.4 allows authenticated attackers with low-level privileges to extract sensitive database information and potentially cause denial of service. The vulnerability enables cross-scope impact, meaning attackers can access resources beyond their authorized privilege level. EPSS probability is low (0.04%, 14th percentile), indicating limited observed exploitation activity, though Patchstack's disclosure suggests active security community awareness.

Technical ContextAI

This is a SQL injection vulnerability (CWE-89) in the LBG Zoominoutslider WordPress plugin (lbg_zoominoutslider). SQL injection occurs when user-controlled input is improperly sanitized before being concatenated into SQL queries, allowing attackers to inject malicious SQL syntax. The vulnerability exists in versions up to and including 5.4.4. As a WordPress plugin, this component extends WordPress functionality and likely includes database operations for managing slider content, settings, or media assets. The changed scope (S:C) in the CVSS vector indicates the vulnerable component's privileges differ from the impacted component's privileges, suggesting the SQL injection can access database tables or resources outside the plugin's normal authorization boundaries within the WordPress database schema.

Affected ProductsAI

LambertGroup LBG Zoominoutslider WordPress plugin versions from the initial release through version 5.4.4 are confirmed vulnerable. The vulnerability database entry references version 5.4.5, suggesting this may be the first patched version, though this requires confirmation from the vendor or Patchstack advisory at https://patchstack.com/database/Wordpress/Plugin/lbg_zoominoutslider/vulnerability/wordpress-lbg-zoominoutslider-plugin-5-4-5-sql-injection-vulnerability. All WordPress installations running the lbg_zoominoutslider plugin below the fixed version and permitting user registration or having existing authenticated users are potentially affected.

RemediationAI

Update LBG Zoominoutslider to version 5.4.5 or later immediately, as indicated by the Patchstack advisory reference (https://patchstack.com/database/Wordpress/Plugin/lbg_zoominoutslider/vulnerability/wordpress-lbg-zoominoutslider-plugin-5-4-5-sql-injection-vulnerability). Verify the installed version through WordPress admin dashboard under Plugins and confirm the update completes successfully. If immediate patching is not feasible, implement compensating controls: disable user registration in WordPress settings (Settings > General > Membership) to prevent new low-privilege account creation, though this does not protect against exploitation by existing authenticated users. Audit existing user accounts and remove or downgrade unnecessary accounts with subscriber-level or higher privileges. Configure WordPress firewall rules (via security plugins like Wordfence or Sucuri) to monitor and block SQL injection patterns in requests to the plugin's endpoints, though this provides only partial protection. Database activity monitoring can detect exploitation attempts through unusual query patterns or access to tables outside normal plugin operations. Consider temporarily deactivating the plugin if slider functionality is non-critical until patching is completed, though this impacts site functionality. All compensating controls are interim measures; patching remains the only complete mitigation.

Share

CVE-2025-68056 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy