PT-2025-46776 · WordPress · LifterLMS – WP LMS for eLearning

Angus Girvan · Published 2025-11-13 · Updated 2025-11-18 · CVE-2025-11923

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin:
versions 3.5.3 through 3.41.2
versions 4.0.0 through 4.21.3
versions 5.0.0 through 5.10.0
versions 6.0.0 through 6.11.0
versions 7.0.0 through 7.8.7
versions 8.0.0 through 8.0.7
versions 9.0.0 through 9.0.7
version 9.1.0
Description
The LifterLMS plugin for WordPress is affected by a privilege escalation issue. The plugin does not sufficiently check authorization before allowing modifications to a user's role through its REST API. The update_item_permissions_check() function returns true whenever a user updates their own account, without checking whether the request also changes that user's roles. This allows authenticated attackers with student-level access or higher to escalate their privileges to administrator by modifying their roles array via a crafted REST API request to the user-update endpoint. Another endpoint, intended for instructors, presents a second attack vector. In both cases the API allows modification of user roles without a sufficient authorization check.
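The following is an added example, not code from this advisory or from LifterLMS, showing the permission-check pattern the description refers to: a WordPress REST controller whose update_item_permissions_check() returns true for any self-update, next to a hardened version that refuses a self-update carrying a roles field unless the caller holds a role-management capability. The DemoRequest class, the user table, the capability names (edit_users, promote_users) and every function other than update_item_permissions_check() are assumptions made for the demonstration; the WordPress functions are constructed stand-ins so the script runs offline.

```php
<?php
// Illustration of the flaw class described in the advisory. Hypothetical code,
// not the LifterLMS controller itself; the WordPress functions and request
// object below are minimal constructed stand-ins so the script runs with plain
// `php` (do not load it inside WordPress: the stand-ins would collide with the
// real functions of the same name).

// ---- constructed stand-ins for the WordPress environment ------------------
$GLOBALS['demo_users'] = [
    // id => roles and capabilities (constructed sample data)
    7 => ['roles' => ['student'],       'caps' => ['read']],
    1 => ['roles' => ['administrator'], 'caps' => ['read', 'edit_users', 'promote_users']],
];
$GLOBALS['demo_current_user'] = 7; // the attacker: an ordinary student

function get_current_user_id() {
    return $GLOBALS['demo_current_user'];
}

function current_user_can($cap) {
    $user = $GLOBALS['demo_users'][get_current_user_id()];
    return in_array($cap, $user['caps'], true);
}

// Stand-in for WP_REST_Request: the route's {id} plus the decoded JSON body.
class DemoRequest {
    private $id;
    private $body;
    public function __construct($id, array $body) {
        $this->id   = (int) $id;
        $this->body = $body;
    }
    public function get_param($key) {
        return $key === 'id' ? $this->id : (isset($this->body[$key]) ? $this->body[$key] : null);
    }
    public function has_param($key) {
        return $key === 'id' || array_key_exists($key, $this->body);
    }
}

// ---- vulnerable pattern ---------------------------------------------------
// "A user may edit their own record" is reasonable, but returning true here
// lets EVERY field in the body, including 'roles', reach the update handler.
function update_item_permissions_check_vulnerable(DemoRequest $request) {
    if ($request->get_param('id') === get_current_user_id()) {
        return true;                       // self-update: no further checks
    }
    return current_user_can('edit_users');
}

// ---- hardened pattern -----------------------------------------------------
// Authorise per field: a self-update may touch profile data, but a request
// that carries 'roles' must also hold a role-management capability.
// promote_users is the assumed capability name for this demonstration.
function update_item_permissions_check_fixed(DemoRequest $request) {
    $is_self = $request->get_param('id') === get_current_user_id();
    if (!$is_self && !current_user_can('edit_users')) {
        return false;
    }
    if ($request->has_param('roles') && !current_user_can('promote_users')) {
        return false;                      // role change without promote_users
    }
    return true;
}

// The update handler: applies whatever the permission check let through.
function update_item(DemoRequest $request) {
    $id = $request->get_param('id');
    if ($request->has_param('roles')) {
        $GLOBALS['demo_users'][$id]['roles'] = (array) $request->get_param('roles');
    }
    return $GLOBALS['demo_users'][$id]['roles'];
}

// Constructed attacker request: student 7 updates its own record with
// roles = ["administrator"], the shape of the crafted request in the advisory.
$crafted = new DemoRequest(7, ['roles' => ['administrator']]);

if (update_item_permissions_check_vulnerable($crafted)) {
    echo "vulnerable check: allowed, roles now " . implode(',', update_item($crafted)) . "\n";
}
$GLOBALS['demo_users'][7]['roles'] = ['student']; // reset for the second run

echo "fixed check, crafted request: "
   . (update_item_permissions_check_fixed($crafted) ? 'allowed' : 'denied') . "\n";

// A benign self-update (no roles field) must still pass the fixed check.
$benign = new DemoRequest(7, ['name' => 'A. Student']);
echo "fixed check, benign self-update: "
   . (update_item_permissions_check_fixed($benign) ? 'allowed' : 'denied') . "\n";
```

Run with `php example.php`. The vulnerable check lets the student's crafted request through and the handler rewrites the roles array to administrator; the hardened check denies the same request while still allowing a self-update that does not touch roles. The point to carry into a review of any WordPress REST controller is that "is this my own record" answers the identity question only; which fields the request modifies has to be authorised separately.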
Recommendations
LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin, all affected version ranges listed above (3.5.3 through 3.41.2, 4.0.0 through 4.21.3, 5.0.0 through 5.10.0, 6.0.0 through 6.11.0, 7.0.0 through 7.8.7, 8.0.0 through 8.0.7, 9.0.0 through 9.0.7 and 9.1.0): at the moment, there is no information about a newer version that contains a fix for this vulnerability. Until a fixed release is confirmed, treat every authenticated account on an affected site as able to reach administrator: audit the administrator list for accounts that were registered as students or instructors, and review web server or REST API logs for requests from low-privileged accounts that modify the roles field of a user record.

LPE

Weakness Enumeration
Improper Privilege Management

Related Identifiers
CVE-2025-11923

Affected Products
LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes