Does Dear LMS have any unpatched vulnerabilities?

No. All known vulnerabilities in Dear LMS have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Dear LMS compatible with WordPress 6.9.4?

According to WordPress.org data, Dear LMS 1.0.10 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

Is Dear LMS compatible with PHP 7.4+?

Dear LMS requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Dear LMS updated?

Dear LMS was last updated on Dec 15, 2025. Frequent updates are generally a positive security signal.

What is Dear LMS's security score?

Dear LMS has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Dear LMS Security & Risk Analysis

wordpress.org/plugins/dear-lms

A complete Learning Management System with courses, lessons, and topics using custom post types and drag-and-drop dashboard interface.

0 active installs v1.0.10 PHP 7.4+ WP 5.0+ Updated Dec 15, 2025

courseseducationlearning-management-systemlessonslms

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Dear LMS Safe to Use in 2026?

Generally Safe

Score 100/100

Dear LMS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 3mo ago

Risk Assessment

The 'dear-lms' plugin v1.0.10 exhibits a generally good security posture with several strengths. The vast majority of SQL queries utilize prepared statements (87%), and output escaping is remarkably high (97%), indicating strong developer awareness of common web vulnerabilities like SQL injection and XSS. The plugin also implements a healthy number of nonce and capability checks (26 and 21 respectively), suggesting an effort to protect against CSRF and unauthorized access. The absence of known CVEs and any recorded past vulnerabilities further contributes to a positive impression of its security maturity.

Key Concerns

AJAX handlers without authentication checks
REST API routes without permission callbacks
Taint flow with unsanitized paths

Vulnerabilities

None known

Dear LMS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 17, 2026

Dear LMS Code Analysis

Dangerous Functions

Raw SQL Queries

47 prepared

Unescaped Output

614 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

87% prepared54 total queries

Output Escaping

97% escaped630 total outputs

Data Flows

1 unsanitized

Data Flow Analysis

6 flows1 with unsanitized paths

reports_page (src\backend\support\class-lms-user-reports.php:91)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Dear LMS Attack Surface

Entry Points37

Unprotected4

AJAX Handlers 29

authwp_ajax_dearlms_starter_setupdear-lms.php:210

noprivwp_ajax_dearlms_starter_setupdear-lms.php:211

authwp_ajax_dearlms_load_contentsrc\api\ajax\class-lms-ajax-handler.php:236

noprivwp_ajax_dearlms_load_contentsrc\api\ajax\class-lms-ajax-handler.php:237

authwp_ajax_dearlms_navigate_contentsrc\api\ajax\class-lms-ajax-handler.php:238

noprivwp_ajax_dearlms_navigate_contentsrc\api\ajax\class-lms-ajax-handler.php:239

authwp_ajax_dearlms_mark_completesrc\api\ajax\class-lms-ajax-handler.php:240

noprivwp_ajax_dearlms_mark_completesrc\api\ajax\class-lms-ajax-handler.php:241

authwp_ajax_dearlms_load_more_coursessrc\api\ajax\class-lms-ajax-handler.php:242

noprivwp_ajax_dearlms_load_more_coursessrc\api\ajax\class-lms-ajax-handler.php:243

authwp_ajax_dearlms_enroll_in_coursesrc\api\ajax\class-lms-ajax-handler.php:246

authwp_ajax_dearlms_get_lesson_coursesrc\api\ajax\class-lms-ajax-handler.php:249

authwp_ajax_dearlms_create_tablessrc\api\ajax\class-lms-ajax-handler.php:252

authwp_ajax_dearlms_starter_setupsrc\api\ajax\class-lms-ajax-handler.php:255

authwp_ajax_dearlms_builder_actionsrc\api\ajax\class-lms-ajax-handler.php:258

authwp_ajax_dearlms_save_structuresrc\backend\support\class-lms-dashboard.php:26

authwp_ajax_dearlms_get_structuresrc\backend\support\class-lms-dashboard.php:27

authwp_ajax_dearlms_create_itemsrc\backend\support\class-lms-dashboard.php:28

authwp_ajax_dearlms_delete_itemsrc\backend\support\class-lms-dashboard.php:29

authwp_ajax_dearlms_get_lessons_for_coursesrc\backend\support\class-lms-dashboard.php:32

authwp_ajax_dearlms_get_topics_listsrc\backend\support\class-lms-dashboard.php:33

authwp_ajax_dearlms_delete_topicsrc\backend\support\class-lms-dashboard.php:34

authwp_ajax_dearlms_update_topic_ordersrc\backend\support\class-lms-dashboard.php:35

authwp_ajax_dearlms_export_user_reportssrc\backend\support\class-lms-user-reports.php:23

authwp_ajax_dearlms_filter_user_reportssrc\backend\support\class-lms-user-reports.php:24

authwp_ajax_dearlms_create_demo_enrollmentssrc\backend\support\class-lms-user-reports.php:25

authwp_ajax_dearlms_delete_usersrc\backend\support\class-lms-user-reports.php:26

authwp_ajax_dearlms_delete_all_userssrc\backend\support\class-lms-user-reports.php:27

authwp_ajax_dearlms_edit_usersrc\backend\support\class-lms-user-reports.php:28

REST API Routes 5

GET/wp-json/dearlms/v1/coursessrc\api\rest\class-lms-rest-api.php:55

GET/wp-json/dearlms/v1/courses/(?P<id>\d+)src\api\rest\class-lms-rest-api.php:62

GET/wp-json/dearlms/v1/courses/(?P<id>\d+)/structuresrc\api\rest\class-lms-rest-api.php:69

GET/wp-json/dearlms/v1/progress/(?P<course_id>\d+)src\api\rest\class-lms-rest-api.php:76

POST/wp-json/dearlms/v1/progress/(?P<course_id>\d+)src\api\rest\class-lms-rest-api.php:83

Shortcodes 3

[dearlms_courses_listing] src\backend\shortcodes\class-lms-shortcodes.php:57

[dearlms_course_progress] src\backend\shortcodes\class-lms-shortcodes.php:58

[course_lesson] src\backend\shortcodes\class-lms-shortcodes.php:59

WordPress Hooks 47

actionplugins_loadeddear-lms.php:134

actioninitdear-lms.php:199

actionwp_enqueue_scriptsdear-lms.php:200

actionadmin_enqueue_scriptsdear-lms.php:201

actionadmin_menudear-lms.php:207

filterlogin_redirectdear-lms.php:214

actionload-post-new.phpdear-lms.php:217

actionsave_postdear-lms.php:218

actionplugins_loadeddear-lms.php:777

actioninitsrc\backend\core\class-lms-core.php:52

actionwp_enqueue_scriptssrc\backend\core\class-lms-core.php:53

actionwp_enqueue_scriptssrc\backend\core\class-lms-core.php:54

actionadmin_enqueue_scriptssrc\backend\core\class-lms-core.php:55

actionrest_api_initsrc\backend\core\class-lms-core.php:56

actioninitsrc\backend\core\class-lms-core.php:60

actioninitsrc\backend\core\class-lms-core.php:63

actionwpsrc\backend\core\class-lms-core.php:64

filtertemplate_includesrc\backend\core\class-lms-core.php:67

filterquery_varssrc\backend\core\class-lms-core.php:265

filterwp_titlesrc\backend\core\class-lms-core.php:283

filterdocument_title_partssrc\backend\core\class-lms-core.php:287

filterwp_titlesrc\backend\core\class-lms-core.php:299

filterdocument_title_partssrc\backend\core\class-lms-core.php:303

actionadmin_enqueue_scriptssrc\backend\support\class-lms-dashboard.php:25

actioninitsrc\backend\support\class-lms-post-types.php:45

actioninitsrc\backend\support\class-lms-post-types.php:46

actionadd_meta_boxessrc\backend\support\class-lms-post-types.php:47

actionsave_postsrc\backend\support\class-lms-post-types.php:48

actionadmin_enqueue_scriptssrc\backend\support\class-lms-post-types.php:49

actionset_object_termssrc\backend\support\class-lms-post-types.php:52

actionsave_post_dearlms_lessonsrc\backend\support\class-lms-post-types.php:55

actionsave_post_dearlms_topicsrc\backend\support\class-lms-post-types.php:56

filtermanage_dearlms_course_posts_columnssrc\backend\support\class-lms-post-types.php:59

actionmanage_dearlms_course_posts_custom_columnsrc\backend\support\class-lms-post-types.php:60

filtermanage_dearlms_lesson_posts_columnssrc\backend\support\class-lms-post-types.php:62

actionmanage_dearlms_lesson_posts_custom_columnsrc\backend\support\class-lms-post-types.php:63

filtermanage_dearlms_topic_posts_columnssrc\backend\support\class-lms-post-types.php:65

actionmanage_dearlms_topic_posts_custom_columnsrc\backend\support\class-lms-post-types.php:66

filtermanage_edit-dearlms_lesson_sortable_columnssrc\backend\support\class-lms-post-types.php:69

filtermanage_edit-dearlms_topic_sortable_columnssrc\backend\support\class-lms-post-types.php:70

actionpre_get_postssrc\backend\support\class-lms-post-types.php:71

filterpost_type_linksrc\backend\support\class-lms-post-types.php:74

actionadmin_enqueue_scriptssrc\backend\support\class-lms-user-reports.php:22

actiontemplate_redirectsrc\frontend\components\class-lms-template-handler.php:55

actionwp_headsrc\frontend\components\class-lms-template-handler.php:193

actionwp_headsrc\frontend\components\class-lms-template-handler.php:200

actionwp_footersrc\frontend\components\class-lms-template-handler.php:204

Maintenance & Trust

Dear LMS Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 15, 2025

PHP min version7.4

Downloads245

Community Trust

Rating100/100

Number of ratings4

Active installs0

Alternatives

Dear LMS Alternatives

Tutor LMS Divi Modules

tutor-lms-divi-modules

Get 26+ Tutor LMS Divi Page builder widgets to create an entire eLearning site and design custom course pages, course carousels, listings, and more.

1K No CVEs

Mentaro LMS

mentaro-lms

100

Fast, focused LMS for WordPress: build courses quickly with a clean, reliable workflow.

0 No CVEs

Perception LMS

ps-lms

PS LMS is a full-featured, free LMS that integrates easily with any theme.

0 No CVEs

SkillTriks

skilltriks

100

Transform your WordPress site into a dynamic Learning Management System (LMS) using our innovative WordPress LMS Plugin.

0 No CVEs

Tutor LMS – eLearning and online course solution

tutor

A complete WordPress LMS plugin to create any eLearning website easily.

100K 61 CVEs

Developer Profile

Dear LMS Developer Profile

Sanchit Pandey

2 plugins · 0 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Dear LMS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/dear-lms/src/frontend/assets/lms-styles.css/wp-content/plugins/dear-lms/src/frontend/assets/lms-scripts.js

Script Paths

/wp-content/plugins/dear-lms/src/frontend/assets/lms-scripts.js

Version Parameters

dear-lms/src/frontend/assets/lms-styles.css?ver=dear-lms/src/frontend/assets/lms-scripts.js?ver=

HTML / DOM Fingerprints

CSS Classes

dear_lms_course_contentdear_lms_course_sidebardear_lms_course_singledear_lms_lesson_contentdear_lms_lesson_sidebardear_lms_topic_contentdear_lms_topic_sidebardear_lms_quiz_content+7 more

HTML Comments

+4 more

Data Attributes

data-lms-course-iddata-lms-lesson-iddata-lms-topic-iddata-lms-quiz-iddata-lms-user-iddata-lms-enrollment-id

JS Globals

dear_lms_paramsdear_lms_ajax_url

REST Endpoints

/wp-json/dearlms/v1/courses/wp-json/dearlms/v1/lessons/wp-json/dearlms/v1/topics/wp-json/dearlms/v1/quizzes/wp-json/dearlms/v1/enrollments/wp-json/dearlms/v1/progress

Shortcode Output

[dear_lms_course_list][dear_lms_course_detail][dear_lms_lesson_list][dear_lms_topic_detail]

FAQ

Dear LMS Security & Risk Analysis

Is Dear LMS Safe to Use in 2026?

Generally Safe

Key Concerns

Dear LMS Security Vulnerabilities

Dear LMS Code Analysis

SQL Query Safety

Output Escaping

Data Flow Analysis

Dear LMS Attack Surface

AJAX Handlers 29

REST API Routes 5

Shortcodes 3

Dear LMS Maintenance & Trust

Maintenance Signals

Community Trust

Dear LMS Alternatives

Tutor LMS Divi Modules

Mentaro LMS

Perception LMS

SkillTriks

Tutor LMS – eLearning and online course solution

Dear LMS Developer Profile

How We Detect Dear LMS

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Dear LMS