Does BuddyPress for LearnDash have any unpatched vulnerabilities?

No. All known vulnerabilities in BuddyPress for LearnDash have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is BuddyPress for LearnDash compatible with WordPress 5.4.19?

According to WordPress.org data, BuddyPress for LearnDash 1.3.0 has been tested up to WordPress 5.4.19. Check the plugin's changelog for the latest compatibility information.

How often is BuddyPress for LearnDash updated?

BuddyPress for LearnDash was last updated on Jun 19, 2020. Frequent updates are generally a positive security signal.

What is BuddyPress for LearnDash's security score?

BuddyPress for LearnDash has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

BuddyPress for LearnDash Security & Risk Analysis

wordpress.org/plugins/buddypress-learndash

BuddyPress for LearnDash integrates the LearnDash LMS plugin with BuddyPress, so you can add groups, activity, members, and forums to your courses.

2K active installs v1.3.0 PHP + WP 3.8+ Updated Jun 19, 2020

buddypresslearndashlearninglearning-management-systemlms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is BuddyPress for LearnDash Safe to Use in 2026?

Generally Safe

Score 85/100

BuddyPress for LearnDash has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 5yr ago

Risk Assessment

The security posture of BuddyPress-LearnDash v1.3.0 presents a mixed bag of good practices and significant concerns. On the positive side, the plugin has no recorded vulnerabilities in its history, indicating a generally stable codebase and potentially good security awareness from the developers. The code analysis also shows a high percentage of properly escaped outputs and a good number of capability checks. However, the presence of two AJAX handlers without any authentication checks is a major red flag. These unprotected entry points represent a substantial attack surface, making them prime targets for unauthorized actions if not properly secured. While no critical or high severity taint flows were detected, the fact that all three analyzed flows involved unsanitized paths is concerning and could lead to issues if not thoroughly reviewed and patched. The limited number of file operations and external HTTP requests is a positive indicator, reducing the potential for certain types of vulnerabilities. In conclusion, while the lack of historical vulnerabilities is reassuring, the unprotected AJAX endpoints and the identified unsanitized paths in taint flows represent immediate risks that need urgent attention to mitigate potential security breaches.

Key Concerns

Unprotected AJAX handlers
Taint flows with unsanitized paths
SQL queries not using prepared statements
Output not properly escaped

Vulnerabilities

None known

BuddyPress for LearnDash Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

BuddyPress for LearnDash Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

53 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

29% prepared7 total queries

Output Escaping

57% escaped93 total outputs

Data Flows

3 unsanitized

Data Flow Analysis

3 flows3 with unsanitized paths

settings_screen_save (includes\bp-learndash-group-settings.php:120)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

2 unprotected

BuddyPress for LearnDash Attack Surface

Entry Points2

Unprotected2

AJAX Handlers 2

authwp_ajax_mass_group_joinincludes\bp-learndash-users-enrollment.php:19

authwp_ajax_get_enrollment_dataincludes\bp-learndash-users-enrollment.php:21

WordPress Hooks 52

actionadmin_noticesbuddypress-learndash.php:102

actionadmin_noticesbuddypress-learndash.php:107

actionplugins_loadedbuddypress-learndash.php:133

actionadmin_initincludes\admin.php:138

filterplugin_action_linksincludes\admin.php:141

filternetwork_admin_plugin_action_linksincludes\admin.php:142

actiongroups_register_activity_actionsincludes\bp-learndash-activity.php:109

actionbp_template_titleincludes\bp-learndash-courses.php:7

actionbp_template_titleincludes\bp-learndash-courses.php:8

actionbp_template_contentincludes\bp-learndash-courses.php:9

actionwp_footerincludes\bp-learndash-courses.php:58

actiongroups_before_delete_groupincludes\bp-learndash-courses.php:88

actionadmin_initincludes\bp-learndash-functions.php:461

filterwp_setup_nav_menu_itemincludes\bp-learndash-functions.php:549

filterBBoss_Global_Search_CPT_sqlincludes\bp-learndash-functions.php:601

actionadd_meta_boxesincludes\bp-learndash-groups.php:43

actionsave_postincludes\bp-learndash-groups.php:44

actionbody_classincludes\bp-learndash-groups.php:45

filterthe_contentincludes\bp-learndash-groups.php:47

filterbp_get_group_typeincludes\bp-learndash-groups.php:49

actionbp_initincludes\bp-learndash-loader.php:45

actionbp_members_directory_member_typesincludes\bp-learndash-loader.php:46

actionbp_pre_user_query_constructincludes\bp-learndash-loader.php:47

actionbp_setup_navincludes\bp-learndash-loader.php:50

actionbp_setup_admin_barincludes\bp-learndash-loader.php:51

actionuser_registerincludes\bp-learndash-loader.php:53

actionset_user_roleincludes\bp-learndash-loader.php:54

actionld_added_group_accessincludes\bp-learndash-loader.php:57

actionld_removed_group_accessincludes\bp-learndash-loader.php:58

actionld_added_course_group_accessincludes\bp-learndash-loader.php:59

actionld_removed_course_group_accessincludes\bp-learndash-loader.php:60

actionlearndash_update_course_accessincludes\bp-learndash-loader.php:61

actionadded_post_metaincludes\bp-learndash-loader.php:64

actionadded_post_metaincludes\bp-learndash-loader.php:65

actionlearndash_topic_completedincludes\bp-learndash-loader.php:66

actionlearndash_lesson_completedincludes\bp-learndash-loader.php:67

actionlearndash_course_completedincludes\bp-learndash-loader.php:68

actionlearndash_quiz_completedincludes\bp-learndash-loader.php:69

actionwp_set_comment_statusincludes\bp-learndash-loader.php:70

actioncomment_postincludes\bp-learndash-loader.php:71

actioncomment_postincludes\bp-learndash-loader.php:72

actioncomment_postincludes\bp-learndash-loader.php:73

actionadmin_enqueue_scriptsincludes\bp-learndash-users-enrollment.php:18

actionedit_form_topincludes\bp-learndash-users-enrollment.php:20

actionwp_enqueue_scriptsincludes\main-class.php:310

actionbp_initincludes\main-class.php:318

actionbp_loadedincludes\main-class.php:322

actionbp_initincludes\main-class.php:323

actioninitincludes\main-class.php:326

actionadmin_initincludes\requirements-class.php:9

actionadmin_noticesincludes\requirements-class.php:31

actionwp_footertemplates\courses.php:32

Maintenance & Trust

BuddyPress for LearnDash Maintenance & Trust

Maintenance Signals

WordPress version tested5.4.19

Last updatedJun 19, 2020

PHP min version

Downloads97K

Community Trust

Rating66/100

Number of ratings18

Active installs2K

Alternatives

BuddyPress for LearnDash Alternatives

Design Upgrade for LearnDash

design-upgrade-learndash

Instantly improve LearnDash's design -- focus mode, course content, profile page, course navigation & course grid -- to more closely match yo …

7K No CVEs

Widget Areas for LearnDash

widget-areas-learndash

100

Add unlimited blocks/widgets to several areas of LearnDash Focus Mode, plus course & group pages.

700 No CVEs

Dashboard Widgets for LearnDash

dashboard-widgets-learndash

Simple, informative, beautifully-designed Dashboard widgets for your LearnDash-powered site. Quick stats at a glance, plus helpful links for faster ad …

300 No CVEs

LearnDash Assignment Uploads Control

ld-assignment-uploads-ctrl

A simple LearnDash Assignment Uploads Control plugin for LearnDash LMS .

40 No CVEs

Tutor LMS – eLearning and online course solution

tutor

A complete WordPress LMS plugin to create any eLearning website easily.

100K 60 CVEs

Developer Profile

BuddyPress for LearnDash Developer Profile

Syed Balkhi

94 plugins · 23.5M total installs

trust score

Avg Security Score

91/100

Avg Patch Time

795 days

View full developer profile

Detection Fingerprints

How We Detect BuddyPress for LearnDash

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/buddypress-learndash/includes/js/main.js/wp-content/plugins/buddypress-learndash/assets/css/style.css

Script Paths

/wp-content/plugins/buddypress-learndash/includes/js/main.js

Version Parameters

buddypress-learndash/assets/css/style.css?ver=buddypress-learndash/includes/js/main.js?ver=

HTML / DOM Fingerprints

HTML Comments

JS Globals

BuddyPress_LearnDash_PluginBuddyPress_LearnDash_LoaderBuddyPress_Learndash_GroupsBUDDYPRESS_LEARNDASH

FAQ