📦 Lifterlms

This SQL injection vulnerability in the LifterLMS WordPress plugin allows attackers to execute arbitrary SQL commands on the database. It affects all LifterLMS installations from unknown versions thro...

This SQL injection vulnerability in the LifterLMS WordPress plugin allows authenticated attackers with Contributor-level access or higher to inject malicious SQL queries through the 'orderBy' paramete...

This vulnerability allows authenticated attackers with administrator-level access to perform blind SQL injection attacks via the 'order' parameter in the LifterLMS WordPress plugin. Attackers can extr...

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the LifterLMS WordPress plugin. It allows authenticated students to access other students' answers and grades by manipula...

This vulnerability in the LifterLMS WordPress plugin allows attackers to inject malicious scripts via unsanitized parameters, which are then reflected back in web pages. It primarily targets high-priv...

The LifterLMS WordPress plugin has an unauthenticated post trashing vulnerability that allows attackers without credentials to move all published posts to the trash, making website content unavailable...