WP-Safety

Dozent LMS – Powerful WordPress LMS plugin Security & Risk Analysis

wordpress.org/plugins/dozent-lms

Powerful and most advanced WordPress LMS plugin for creating your eLearning and online course platform with WordPress.

10 active installs v1.2.4 PHP 7.1.0+ WP 5.1+ Updated Nov 20, 2021
courseeducationelearninglearning-management-systemlms
85
A · Safe
CVEs total0
Unpatched0
Last CVENever
Plugin page Download
Safety Verdict

Is Dozent LMS – Powerful WordPress LMS plugin Safe to Use in 2026?

Generally Safe

Score 85/100

Dozent LMS – Powerful WordPress LMS plugin has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4yr ago
Risk Assessment

The static analysis of the "dozent-lms" plugin v1.2.4 reveals a mixed security posture. While there are no known vulnerabilities or critical taint flows, a significant concern arises from the large attack surface exposed through AJAX handlers. A high proportion of these handlers, 17 out of 19, lack authentication checks, making them prime targets for unauthenticated attackers. Furthermore, the plugin demonstrates poor output escaping practices, with only 25% of outputs being properly sanitized, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities. The limited number of capability checks also contributes to the potential for privilege escalation or unauthorized actions by unauthenticated users.

The absence of any recorded vulnerabilities or CVEs in its history is a positive indicator, suggesting the developers may have a track record of producing relatively secure code or that the plugin hasn't been subjected to extensive public scrutiny. However, this positive history should not overshadow the immediate risks identified in the static analysis. The lack of robust security controls on a majority of its entry points, coupled with insufficient output sanitization, presents a clear and present danger that could be exploited.

In conclusion, while the plugin benefits from a clean vulnerability history and avoids dangerous functions, the unauthenticated AJAX handlers and poor output escaping are significant weaknesses. The plugin has a considerable attack surface that is largely unprotected, making it vulnerable to exploitation. Mitigation of these identified issues is crucial to improve its overall security.

Key Concerns

  • Large attack surface without auth checks on AJAX
  • Low percentage of properly escaped output
  • Few capability checks
Vulnerabilities
None known

Dozent LMS – Powerful WordPress LMS plugin Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Version History

Dozent LMS – Powerful WordPress LMS plugin Release Timeline

v1.2.4Current
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.0
Code Analysis
Analyzed Mar 17, 2026

Dozent LMS – Powerful WordPress LMS plugin Code Analysis

Dangerous Functions
0
Raw SQL Queries
10
24 prepared
Unescaped Output
241
82 escaped
Nonce Checks
1
Capability Checks
6
File Operations
0
External Requests
5
Bundled Libraries
0

SQL Query Safety

71% prepared34 total queries

Output Escaping

25% escaped323 total outputs
Data Flows · Security
All sanitized

Data Flow Analysis

1 flows
<instructors-page> (core\user\instructors-page.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface
17 unprotected

Dozent LMS – Powerful WordPress LMS plugin Attack Surface

Entry Points19
Unprotected17

AJAX Handlers 19

authwp_ajax_fcb_saveaddons\frontend-course-builder\frontend-course-builder.php:32
authwp_ajax_dozentlms_addon_toggleaddons\Load.php:12
authwp_ajax_review_formaddons\ratings-reviews\ratings-reviews.php:23
authwp_ajax_dozentlms_show_more_reviewsaddons\ratings-reviews\ratings-reviews.php:24
authwp_ajax_dozentlms_filter_reviewsaddons\ratings-reviews\ratings-reviews.php:25
noprivwp_ajax_dlms_auth_logincore\Auth.php:12
noprivwp_ajax_dlms_auth_registercore\Auth.php:13
noprivwp_ajax_dlms_auth_lostpasswordcore\Auth.php:14
authwp_ajax_dozentlms_add_modulecore\course\Builder.php:18
authwp_ajax_dozentlms_update_modulecore\course\Builder.php:19
authwp_ajax_dozentlms_delete_modulecore\course\Builder.php:20
authwp_ajax_dozentlms_get_wp_editorcore\course\Builder.php:21
authwp_ajax_dozentlms_lecture_savecore\course\Builder.php:22
authwp_ajax_sorting_course_contentscore\course\Builder.php:23
authwp_ajax_dozentlms_delete_module_itemcore\course\Builder.php:24
authwp_ajax_dozentlms_get_module_item_formcore\course\Builder.php:26
authwp_ajax_dozentlms_detach_product_from_coursecore\Form_Request.php:15
authwp_ajax_dozentlms_save_settingscore\settings\functions-settings.php:3
authwp_ajax_dozentlms_toggle_wishlistcore\user\Activities.php:21
WordPress Hooks 72
actionadd_meta_boxesaddons\edd\edd.php:24
filterdozentlms_course_priceaddons\edd\edd.php:29
actiondozentlms_closed_course_enrolladdons\edd\edd.php:31
actionedd_insert_paymentaddons\edd\edd.php:32
actionedd_update_payment_statusaddons\edd\edd.php:33
actionedd_payment_deleteaddons\edd\edd.php:34
filterdozentlms_settings_argsaddons\frontend-course-builder\frontend-course-builder.php:21
filterdozentlms_dashboard_tmpladdons\frontend-course-builder\frontend-course-builder.php:23
actiondozentlms/frontend/course/builder/areaaddons\frontend-course-builder\frontend-course-builder.php:24
filterdozentlms_course_data_field_attrsaddons\frontend-course-builder\frontend-course-builder.php:25
actiondozentlms/course_data/before_form/course_infoaddons\frontend-course-builder\frontend-course-builder.php:28
actiontemplate_redirectaddons\frontend-course-builder\frontend-course-builder.php:31
filterdozentlms_addonsaddons\functions-addons.php:41
filterdozentlms_settings_args_generaladdons\ratings-reviews\ratings-reviews.php:18
actiondozentlms/course/header/btn_groups/afteraddons\ratings-reviews\ratings-reviews.php:19
actiondozentlms/course-page/section/reviews/title/afteraddons\ratings-reviews\ratings-reviews.php:20
actiondozentlms/learning_area/topbar/afteraddons\ratings-reviews\ratings-reviews.php:21
actionwp_footeraddons\ratings-reviews\ratings-reviews.php:22
actiondozentlms/course/card/meta/afteraddons\ratings-reviews\ratings-reviews.php:26
actiondozentlms/list-course/title/afteraddons\ratings-reviews\ratings-reviews.php:27
filterdozentlms_dashboard_menu_itemsaddons\ratings-reviews\ratings-reviews.php:30
filterdozentlms_settings_social_login_argsaddons\social-login\social-login.php:17
actiontemplate_redirectaddons\social-login\social-login.php:18
filterwoocommerce_product_data_tabsaddons\woocommerce\woocommerce.php:18
actionwoocommerce_product_data_panelsaddons\woocommerce\woocommerce.php:19
actionsave_post_productaddons\woocommerce\woocommerce.php:20
filterdozentlms_course_priceaddons\woocommerce\woocommerce.php:22
actiondozentlms_closed_course_enrolladdons\woocommerce\woocommerce.php:23
actionwoocommerce_checkout_update_order_metaaddons\woocommerce\woocommerce.php:25
actionwoocommerce_order_status_changedaddons\woocommerce\woocommerce.php:26
filterplugin_action_linksadmin\Operations.php:8
actioninitadmin\Post_Types_Register.php:9
actioninitadmin\Post_Types_Register.php:10
actioninitadmin\Post_Types_Register.php:11
actioninitadmin\Post_Types_Register.php:12
actionadmin_menuadmin\Register_Menu.php:12
actionadmin_bar_menuadmin\Register_Menu.php:13
actionadmin_initadmin\Register_Menu.php:14
filterget_edit_post_linkcore\Admin_Bar.php:25
actiontemplate_redirectcore\course\Access.php:18
actiontemplate_redirectcore\course\Access.php:19
actiondozentlms/course/metabox/beforecore\course\Course_Data.php:18
actionsave_post_dozentlms_coursecore\course\Course_Data.php:20
actiondozentlms/course_data/before_form/course_buildercore\course\Course_Data.php:21
actiondozentlms/course_data/before_form/intended_learnerscore\course\Course_Data.php:22
actiondozentlms/course_data/before_form/pricingcore\course\Course_Data.php:23
actiondozentlms/course_data/before_form/promo_videocore\course\Course_Data.php:24
filtermanage_dozentlms_course_posts_columnscore\course\Course_Data.php:27
actionmanage_dozentlms_course_posts_custom_columncore\course\Course_Data.php:28
actiontemplate_redirectcore\Dashboard_Controller.php:24
actiontemplate_redirectcore\Form_Request.php:12
actiontemplate_redirectcore\Form_Request.php:16
actioninitcore\Form_Request.php:18
filtertemplate_includecore\hooks.php:6
filtertemplate_includecore\hooks.php:7
actionpre_get_postscore\hooks.php:8
filtertemplate_includecore\hooks.php:9
filtertemplate_includecore\hooks.php:15
filtertemplate_includecore\hooks.php:21
filterquery_varscore\Query.php:14
filtergenerate_rewrite_rulescore\Query.php:15
filterdocument_title_partscore\Query.php:16
actionadmin_initcore\settings\functions-settings.php:33
actionwp_footercore\user\Activities.php:24
actionadmin_initcore\user\Activities.php:31
actionadmin_initcore\user\Activities.php:34
actiontemplate_redirectcore\user\Activities.php:37
filterposts_clausescore\user\Activities.php:88
filterdozentlms_change_password_errorscore\user\Activities.php:160
actionplugins_loadeddozent-lms.php:40
actionadmin_enqueue_scriptsresources\Resources.php:27
actionwp_enqueue_scriptsresources\Resources.php:28
Maintenance & Trust

Dozent LMS – Powerful WordPress LMS plugin Maintenance & Trust

Maintenance Signals

WordPress version tested5.8.13
Last updatedNov 20, 2021
PHP min version7.1.0
Downloads3K

Community Trust

Rating60/100
Number of ratings2
Active installs10
Alternatives

Dozent LMS – Powerful WordPress LMS plugin Alternatives

Tutor LMS – eLearning and online course solution

Tutor LMS – eLearning and online course solution

tutor

B
75

A complete WordPress LMS plugin to create any eLearning website easily.

100K 69 CVEs
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

learnpress

B
76

A WordPress LMS Plugin to create WordPress Learning Management System. Turn your WordPress to LMS WordPress Website with Courses, Lessons, Quizzes &am &hellip;

80K 67 CVEs
MasterStudy LMS WordPress Plugin – for Online Courses and Education

MasterStudy LMS WordPress Plugin – for Online Courses and Education

masterstudy-lms-learning-management-system

B
76

Learning Management System and eLearning plugin for WordPress. Create easily LMS WordPress website, add and sell Courses, Lessons, Quizzes online.

10K 26 CVEs
Masteriyo LMS – Online Course Builder for eLearning, LMS & Education

Masteriyo LMS – Online Course Builder for eLearning, LMS & Education

learning-management-system

B
83

The complete WordPress LMS plugin for course creation & monetization. Create engaging courses, lessons, quizzes, assignments & certificates.

4K 13 CVEs
Academy LMS – WordPress LMS Plugin for Complete eLearning Solution

Academy LMS – WordPress LMS Plugin for Complete eLearning Solution

academy

B
81

Academy LMS is the all-rounder among all WordPress LMS plugins. A complete solution, easy to use, feature-rich and provides powerful integrations.

2K 11 CVEs
Developer Profile

Dozent LMS – Powerful WordPress LMS plugin Developer Profile

themeqx

5 plugins · 130 total installs

81
trust score
Avg Security Score
81/100
Avg Patch Time
30 days
View full developer profile
Detection Fingerprints

How We Detect Dozent LMS – Powerful WordPress LMS plugin

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/dozent-lms/resources/css/style.css/wp-content/plugins/dozent-lms/resources/css-rtl/style-rtl.css/wp-content/plugins/dozent-lms/resources/js/main.js/wp-content/plugins/dozent-lms/resources/js/main.min.js/wp-content/plugins/dozent-lms/resources/libraries/noUiSlider/nouislider.min.css/wp-content/plugins/dozent-lms/resources/libraries/noUiSlider/nouislider.min.js/wp-content/plugins/dozent-lms/resources/libraries/videojs/videojs.min.css/wp-content/plugins/dozent-lms/resources/libraries/videojs/videojs.min.js+2 more
Script Paths
/wp-content/plugins/dozent-lms/resources/js/main.js/wp-content/plugins/dozent-lms/resources/js/main.min.js/wp-content/plugins/dozent-lms/resources/libraries/noUiSlider/nouislider.min.js/wp-content/plugins/dozent-lms/resources/libraries/videojs/videojs.min.js/wp-content/plugins/dozent-lms/resources/libraries/videojs/Youtube.min.js/wp-content/plugins/dozent-lms/resources/libraries/videojs/Vimeo.min.js
Version Parameters
dozent-lms/resources/css/style.css?ver=dozent-lms/resources/css-rtl/style-rtl.css?ver=dozent-lms/resources/js/main.js?ver=dozent-lms/resources/js/main.min.js?ver=dozent-lms/resources/libraries/noUiSlider/nouislider.min.css?ver=dozent-lms/resources/libraries/noUiSlider/nouislider.min.js?ver=dozent-lms/resources/libraries/videojs/videojs.min.css?ver=dozent-lms/resources/libraries/videojs/videojs.min.js?ver=dozent-lms/resources/libraries/videojs/Youtube.min.js?ver=dozent-lms/resources/libraries/videojs/Vimeo.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
dozent-lmsdlms-rating-modaldlms-leave-rating-btndlms-course-rating-starsdlms-course-card__ratingsdlms-course-list-title__rating
HTML Comments
<!-- DozentLMS_Template --><!-- DozentLMS_Course_Content --><!-- DozentLMS_Course_Sidebar --><!-- DozentLMS_Course_Progress -->+3 more
Data Attributes
data-dozentlms-ratingdata-course-iddata-review-iddata-logged-indata-nonce
JS Globals
_dozentlmsDozentLMS
REST Endpoints
/wp-json/dozentlms/v1/reviews/wp-json/dozentlms/v1/course-progress/wp-json/dozentlms/v1/enroll
Shortcode Output
[dozent_lms_courses][dozent_lms_course_details][dozent_lms_student_dashboard][dozent_lms_course_curriculum]
FAQ

Frequently Asked Questions about Dozent LMS – Powerful WordPress LMS plugin