LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPress

2021-05-17

LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR

fixed in version 4.21.2✓

2021-05-10

LifterLMS < 4.21.1 - Authenticated Stored XSS in Edit Profile

fixed in version 4.21.1✓

2021-05-10

LifterLMS < 4.21.1 - Reflected Cross-Site Scripting (XSS) via Coupon Code in Checkout

fixed in version 4.21.1✓

2020-03-31

LifterLMS < 3.37.15 - Arbitrary File Writing

fixed in version 3.37.15✓

2019-09-09

LifterLMS <= 3.34.5 - Unauthenticated Options Import

fixed in version 3.35.1✓

Is this your WordPress plugin?

We offer WordPress plugin security testing to help identify security vulnerabilities within your plugin. Please note that this is a paid service. If you are interested in talking about having your plugin tested by WordPress security experts, get in touch.