Vulnerabilities in WordPress LMS Plugins have been discovered by security researchers. LearnPress, LearnDash, and LifterLMS have security flaws that could allow students to steal personal information. The vulnerabilities were discovered in March and were responsibly disclosed to the concerned platforms. The three LMS systems are installed on approximately 100,000 different educational platforms, including major universities such as the University of Florida, University of Michigan, and University of Washington, among others. It’s recommended that users upgrade to the latest versions of these plugins.
Source: https://thehackernews.com/2020/04/wordpress-lms-plugins.html