WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WPScan
How it works
Pricing
Vulnerabilities
WordPress
Plugins
Themes
Stats
Submit vulnerabilities
For developers
Status
API details
CLI scanner
Contact
Login
Get started
WordPress Plugin Vulnerabilities
LifterLMS – WordPress LMS Plugin
2021-05-17
LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR
Fixed in version 4.21.2
2021-05-10
LifterLMS < 4.21.1 - Authenticated Stored XSS in Edit Profile
Fixed in version 4.21.1
2021-05-10
LifterLMS < 4.21.1 - Reflected Cross-Site Scripting (XSS) via Coupon Code in Checkout
Fixed in version 4.21.1
2020-03-31
LifterLMS < 3.37.15 - Arbitrary File Writing
Fixed in version 3.37.15
2019-09-09
LifterLMS <= 3.34.5 - Unauthenticated Options Import
Fixed in version 3.35.1