Latest

Steps to take after migrating to SSL

Input validation vulnerability in LifterLMS – WordPress LMS Plugin for Courses & eLearning 4.21.1

Severity: medium-risk
Status: Fixed
Publication: April 29, 2021

The LifterLMS plugin for WordPress has a security vulnerability that allowed attackers to inject code into web pages. This vulnerability affected versions up to, and including, 4.21.0 and was due to the plugin not properly sanitizing and escaping inputs. Attackers could take advantage of this vulnerability by tricking a user into clicking a link, allowing them to inject code.

Detected in:

LifterLMS – WordPress LMS for eLearning fixed vulnerable versions:

LifterLMS – WordPress LMS Plugin for eLearning fixed vulnerable versions:

LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes fixed vulnerable versions:

Open source

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

Incorrect?

Is this information incorrect? Please leave us a message.

Latest

Steps to take after migrating to SSL

Input validation vulnerability in LifterLMS – WordPress LMS Plugin for Courses & eLearning 4.21.1

Detected in:

Join our mailing list - 6 Tips & Tricks in your inbox over the next days!

Plugins

Get Started

About

Popular articles

Latest

Steps to take after migrating to SSL

Passkeys: no need for Limit Login Attempts?

Input validation vulnerability in LifterLMS – WordPress LMS Plugin for Courses & eLearning 4.21.1

Detected in: