Privilege Escalation Vulnerability in LifterLMS WordPress Plugin
CVE-2025-11923

8.8HIGH

Key Information:

Vendor: WordPress
Status: Lifterlms – WP Lms For Elearning, Online Courses, & Quizzes
Vendor: CVE Published:; 13 November 2025

What is CVE-2025-11923?

The LifterLMS plugin for WordPress suffers from a privilege escalation vulnerability due to inadequate verification of user identity when modifying roles via the REST API. The flaw lies in the update_item_permissions_check() function, which permits unchecked updates to user roles, allowing authenticated attackers with student-level access or higher to assume admin privileges. Additionally, there is an exploitable endpoint for instructors, further broadening the attack surface. Users are advised to update their plugin versions to prevent exploitation.

Affected Version(s)

LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes 3.5.3 <= 3.41.1

LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes 4.0.0 <= 4.21.3

LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes 5.0.0 <= 5.10.0

References

https://www.wordfence.com/threat-intel/vulnerabilities/id...

https://plugins.trac.wordpress.org/browser/lifterlms/trun...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 13, 2025
Vulnerability Reserved
Oct 17, 2025

Credit

Angus Girvan

JSON