CVE-2024-1512 — AI Deep Analysis Summary

🚨 **Critical SQL Injection in MasterStudy LMS!** This vulnerability allows attackers to inject malicious SQL code via the `/lms/stm-lms/order/items` REST route. The plugin fails to escape the `user` parameter properly.…

🛡️ **Root Cause: CWE-89 (SQL Injection)** The flaw is **insufficient escaping** of user-supplied input combined with **lack of prepared statements** in the SQL query.…

📦 **Affected Products:** * **Vendor:** Stylemix Themes * **Product:** MasterStudy LMS WordPress Plugin * **Version:** 3.2.5 and earlier versions are vulnerable. 📉

🕵️ **Attacker Capabilities:** Unauthenticated attackers can perform **Union-based SQL Injection**.…

🔓 **Exploitation Threshold: LOW** * **Authentication:** None required (Unauthenticated). 🚫 * **Access:** Network accessible via REST API. 🌐 * **Complexity:** Low. Simple parameter manipulation. 🎯

💣 **Public Exploits Available:** Yes! PoCs are publicly available on GitHub (e.g., `rat-c/CVE-2024-1512`) and in Nuclei templates. Automated scanning tools can already detect and exploit this. ⚠️

🔍 **Self-Check Methods:** 1. **Scan:** Use Nuclei with the CVE-2024-1512 template. 🧪 2. **Verify:** Check if your site uses MasterStudy LMS version ≤ 3.2.5. 🕵️‍♂️ 3.…

🩹 **Official Fix:** Yes, the vendor has released a fix. Update to the latest version of the MasterStudy LMS plugin. The patch addresses the escaping issue in `StmStatistics.php`. ✅

🛑 **No Patch? Mitigation:** * **Block Access:** Restrict access to `/lms/stm-lms/order/items` via WAF or firewall rules.…

🚨 **Priority: CRITICAL** * **CVSS Score:** 9.8 (Critical). 📈 * **Urgency:** Immediate action required. Public exploits exist, and no auth is needed. Patch immediately to prevent data breaches. ⏳