Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

链接： https://github.com/advisories/GHSA-hwvg-62q3-2m53

CVSS 评分： 9.3

参考链接：

• https://nvd.nist.gov/vuln/detail/CVE-2025-52833

• https://patchstack.com/database/wordpress/theme/lms/vulnerability/wordpress-lms-9-1-sql-injection-vulnerability?_s_id=cve

• https://github.com/advisories/GHSA-hwvg-62q3-2m53

描述：

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in designthemes LMS allows SQL Injection. This issue affects LMS: from n/a through 9.1.