Chrisbadgett Lifterlms – Wp Lms For Elearning, Online Courses, & Quizzes
8 CVEs affecting Chrisbadgett Lifterlms – Wp Lms For Elearning, Online Courses, & Quizzes. Latest disclosed: 2026-04-11. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-11923 | High | 8.8 | 2025-11-13 | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. This is due to the plugin not prope… |
CVE-2024-4743 | High | 8.8 | 2024-06-05 | The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL Injection via the orderBy attribute of the lifterlms_favorites sho… |
CVE-2024-7349 | High | 7.2 | 2024-09-06 | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injection via the 'order' parameter in all vers… |
CVE-2026-5207 | Medium | 6.5 | 2026-04-11 | The LifterLMS plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 9.2.1. This is due to insuffi… |
CVE-2025-2290 | Medium | 5.3 | 2025-03-19 | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to Unauthenticated Post Trashing due to a missing capability… |
CVE-2024-0377 | Medium | 5.3 | 2024-03-13 | The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on… |
CVE-2024-12596 | Medium | 4.3 | 2024-12-18 | The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post deletion due to a missing capability check… |
CVE-2023-6160 | Low | 3.3 | 2023-11-22 | The LifterLMS – WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 7.4.2 via the ma… |