Skip to main content

Lifterlms CVE-2024-4743

HIGH
SQL Injection (CWE-89)
2024-06-05 security@wordfence.com
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
Patch released
Apr 08, 2026 - 18:22 nvd
Patch available
CVE Published
Jun 05, 2024 - 09:15 nvd
HIGH 8.8

DescriptionCVE.org

The LifterLMS - WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL Injection via the orderBy attribute of the lifterlms_favorites shortcode in all versions up to, and including, 7.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

AnalysisAI

The LifterLMS - WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL Injection via the orderBy attribute of the lifterlms_favorites shortcode in all versions up to, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. The LifterLMS - WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to SQL Injection via the orderBy attribute of the lifterlms_favorites shortcode in all versions up to, and including, 7.6.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Contributor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. Affected products include: Lifterlms.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.

CVE-2019-15896 CRITICAL POC
9.8 Sep 10

An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. Rated critical severity (CVSS 9.8), this v

CVE-2021-24562 HIGH POC
7.5 Aug 23

The LMS by LifterLMS - Online Course, Membership & Learning Management System Plugin for WordPress plugin before 4.21.2

CVE-2024-13619 MEDIUM POC
6.1 May 15

The LifterLMS WordPress plugin before 8.0.1 does not sanitise and escape a parameter before outputting it back in the pa

CVE-2022-1250 MEDIUM POC
6.1 May 02

The LifterLMS PayPal WordPress plugin before 1.4.0 does not sanitise and escape some parameters from the payment confirm

CVE-2020-6008 CRITICAL
9.8 Mar 31

LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution.

CVE-2021-24308 MEDIUM POC
5.4 May 24

The 'State' field of the Edit profile page of the LMS by LifterLMS - Online Course, Membership & Learning Management Sys

CVE-2024-7349 HIGH
7.2 Sep 06

The LifterLMS - WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to blind SQL Injectio

CVE-2024-0377 MEDIUM
5.3 Mar 13

The LifterLMS - WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to unauthorized modification of da

CVE-2024-31363 MEDIUM
4.3 Apr 12

Cross-Site Request Forgery (CSRF) vulnerability in LifterLMS.5.0. Rated medium severity (CVSS 4.3), this vulnerability i

CVE-2024-12596 MEDIUM
4.3 Dec 18

The LifterLMS - WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to arbitrary post del

CVE-2023-6160 LOW
3.3 Nov 22

The LifterLMS - WordPress LMS Plugin for eLearning plugin for WordPress is vulnerable to Directory Traversal in versions

CVE-2025-2290 MEDIUM
5.3 Mar 19

The LifterLMS - WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to Unauthenticated Po

Share

CVE-2024-4743 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy