Vulnerabilities in chrisbadgett
9 resultsCVE-2023-6160LOWLifterLMS <= 7.4.2 - Authenticated(Administrator+) Directory Traversal to Arbitrary CSV File DeletionEPSS 0.8%CVE-2024-0377MEDIUMLifterLMS – WordPress LMS Plugin for eLearning <= 7.5.1 - Missing Authorization via process_reviewEPSS 0.7%CVE-2024-7349HIGHLifterLMS <= 7.7.5 - Authenticated (Admin+) SQL InjectionEPSS 0.5%CVE-2024-4743HIGHLifterLMS – WordPress LMS Plugin for eLearning <= 7.6.2 - Authenticated (Contributor+) SQL Injection via ShortcodeEPSS 0.5%CVE-2026-5207MEDIUMLifterLMS <= 9.2.1 - Authenticated (Custom+) SQL Injection via 'order' ParameterEPSS 0.4%CVE-2024-12596MEDIUMLifterLMS – WP LMS for eLearning, Online Courses, & Quizzes <= 7.8.5 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post DeletionEPSS 0.3%CVE-2025-52717CRITICALWordPress LifterLMS plugin <= 8.0.6 - SQL Injection VulnerabilityEPSS 0.3%CVE-2025-11923HIGHLifterLMS – WP LMS for eLearning, Online Courses, & Quizzes - Various Versions - Authenticated (Student+) Privilege EscalationEPSS 0.3%CVE-2025-2290MEDIUMLifterLMS <= 8.0.1 - Missing Authorization to Unauthenticated Post TrashingEPSS 0.3%