LifterLMS
Moderate fix1 remedy
cpe:2.3:a:lifterlms:lifterlms:*:*:*:*:wordpress:*:*
Moderate fix1 remedy
- <= 9.2.1
LifterLMS SQL Injection Vulnerability in WordPress Plugin
Vulnerability
Patched
A SQL injection vulnerability has been identified in the LifterLMS WordPress plugin, affecting all versions through 9.2.1. The issue arises from inadequate escaping of user-supplied data in the 'order' parameter, allowing authenticated attackers with Instructor-level access or higher, and the edit_post capability on quizzes, to inject additional SQL queries. This exploitation could lead to unauthorized access to sensitive database information.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate database queries to extract sensitive information from the database.
Reproduction
To reproduce this vulnerability, an authenticated user with Instructor-level access and the edit_post capability on a quiz can send a request to the LifterLMS reporting table for quiz non-attempts. The 'order' parameter can be manipulated to inject additional SQL queries. The vulnerability can be exploited through the WordPress admin interface by accessing the 'Students Without Quiz Attempts' report and modifying the 'order' parameter in the request.
Remediation
Users are advised to update the LifterLMS WordPress plugin to version 9.2.2 or later.
Added: Apr 11, 2026, 2:29 AM
Updated: Apr 11, 2026, 2:29 AM
Vulnerability Rating
Custom Algorithm
spread
5.2impact
3.1exploitability
6.4remediation
7.7relevance
5.6threat
4.8urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.