LifterLMS
chrisbadgett
Developer
9.1.2
Latest version
10,000
Installations
No date
Last updated
Vulnerability history
0 present
13 fixed
6 Mitigation rules
- Authenticated (Student+) Privilege Escalation vulnerability9.1.0Nov 13, 2025
- SQL Injection Vulnerability<= 8.0.6Jul 1, 2025
- Reflected XSS vulnerability< 8.0.1May 19, 2025
- Missing Authorization to Unauthenticated Post Trashing vulnerability<= 8.0.1Mar 18, 2025
- Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion vulnerability<= 7.8.5Dec 17, 2024
- Authenticated (Admin+) SQL Injection vulnerability<= 7.7.5Sep 6, 2024
- Authenticated (Contributor+) SQL Injection via Shortcode vulnerability<= 7.6.2Jun 5, 2024
- Cross Site Request Forgery (CSRF) vulnerability<= 7.5.0Apr 8, 2024
- Missing Authorization via process_review vulnerability<= 7.5.1Feb 28, 2024
- Authenticated Stored Cross-Site Scripting (XSS) vulnerability<= 4.21.0May 10, 2021
- Reflected Cross-Site Scripting (XSS) vulnerability<= 4.21.0May 10, 2021
- Arbitrary File Writing vulnerability<= 3.37.14Mar 31, 2020
- Unauthenticated Options Import vulnerability<= 3.34.5Sep 9, 2019