The LearnDash LMS plugin for WordPress is vulnerable to a type of attack called SQL Injection. This attack is possible in versions up to 4.5.3 because of poor security measures. An attacker, who has access to the website with the plugin installed, can use the vulnerability to get sensitive information from the database.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
