CVE-2026-31922
Blind SQL Injection in Fox LMS β€ 1.0.6.3 Allows Data Exposure
Publication date: 2026-03-13
Last updated on: 2026-03-13
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| patchstack | fox_lms | to 1.0.6.3 (inc) |
| ays_pro | fox_lms | to 1.0.6.3 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-31922 is a SQL Injection vulnerability in the WordPress Fox LMS Plugin versions up to and including 1.0.6.3. It allows a malicious actor with at least contributor or developer privileges to interact directly with the plugin's database without proper neutralization of special SQL elements."}, {'type': 'paragraph', 'content': 'This vulnerability is classified under the OWASP Top 10 category A3: Injection, meaning it involves improper handling of user input that can alter SQL commands.'}] [1]
How can this vulnerability impact me? :
[{'type': 'paragraph', 'content': "This vulnerability can allow an attacker to steal or manipulate data within the Fox LMS plugin's database. Although exploitation requires certain privileges, successful attacks could lead to unauthorized data access or data integrity issues."}, {'type': 'paragraph', 'content': 'The CVSS severity score of 8.5 indicates a high severity impact, including potential confidentiality breaches and limited availability impact.'}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability is a Blind SQL Injection in the Fox LMS WordPress plugin up to version 1.0.6.3, which requires contributor or developer privileges to exploit.'}, {'type': 'paragraph', 'content': "Detection typically involves testing for SQL injection points by sending crafted SQL payloads to the plugin's input fields or API endpoints and observing responses or behavior changes."}, {'type': 'paragraph', 'content': 'However, no specific detection commands or tools are provided in the available resources.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate and recommended mitigation step is to update the Fox LMS plugin to version 1.0.6.4 or later, where the vulnerability has been patched.
Using automated update tools provided by Patchstack can facilitate rapid patching of the vulnerable plugin.
Additionally, restricting contributor or developer privileges and monitoring for suspicious database interactions can help reduce risk until the update is applied.