Does GamiPress – LifterLMS Group Leaderboard have any unpatched vulnerabilities?

No. All known vulnerabilities in GamiPress – LifterLMS Group Leaderboard have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is GamiPress – LifterLMS Group Leaderboard compatible with WordPress 6.9.4?

According to WordPress.org data, GamiPress – LifterLMS Group Leaderboard 1.0.8 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is GamiPress – LifterLMS Group Leaderboard updated?

GamiPress – LifterLMS Group Leaderboard was last updated on Dec 1, 2025. Frequent updates are generally a positive security signal.

What is GamiPress – LifterLMS Group Leaderboard's security score?

GamiPress – LifterLMS Group Leaderboard has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

GamiPress – LifterLMS Group Leaderboard Security & Risk Analysis

wordpress.org/plugins/gamipress-lifterlms-group-leaderboard

Add a completely configurable tab on LifterLMS groups with a GamiPress leaderboard of group members

20 active installs v1.0.8 PHP + WP 4.4+ Updated Dec 1, 2025

achievementgamificationgamifygamipresspoint

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is GamiPress – LifterLMS Group Leaderboard Safe to Use in 2026?

Generally Safe

Score 100/100

GamiPress – LifterLMS Group Leaderboard has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 4mo ago

Risk Assessment

The "gamipress-lifterlms-group-leaderboard" plugin v1.0.8 exhibits a mixed security posture. On the positive side, it demonstrates good practices by utilizing prepared statements for all SQL queries and avoiding dangerous functions, file operations, and external HTTP requests. The absence of any recorded vulnerabilities or CVEs in its history is also a strong indicator of past security diligence. However, significant concerns arise from the static analysis. The presence of an unprotected AJAX handler presents a direct attack vector, especially given the complete lack of nonce and capability checks throughout the code. This opens the door for potential unauthorized actions or data manipulation if an attacker can trigger this handler. While taint analysis shows no immediate critical or high-severity flows, the lack of checks on the AJAX endpoint means that any data processed by it could be vulnerable if not properly sanitized and escaped before output.

Key Concerns

Unprotected AJAX handler
Missing nonce checks
Missing capability checks
Inconsistent output escaping

Vulnerabilities

None known

GamiPress – LifterLMS Group Leaderboard Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

GamiPress – LifterLMS Group Leaderboard Code Analysis

Dangerous Functions

Raw SQL Queries

2 prepared

Unescaped Output

6 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

SQL Query Safety

100% prepared2 total queries

Output Escaping

55% escaped11 total outputs

Attack Surface

1 unprotected

GamiPress – LifterLMS Group Leaderboard Attack Surface

Entry Points1

Unprotected1

AJAX Handlers 1

authwp_ajax_gamipress_lifterlms_group_leaderboard_regenerate_leaderboardsincludes\ajax-functions.php:24

WordPress Hooks 18

actionadmin_noticesgamipress-lifterlms-group-leaderboard.php:101

actionplugins_loadedgamipress-lifterlms-group-leaderboard.php:256

filtergamipress_settings_addons_meta_boxesincludes\admin.php:149

actionadd_meta_boxesincludes\admin.php:167

filtergamipress_automatic_updates_pluginsincludes\admin.php:208

filtergamipress_leaderboards_leaderboard_pre_query_varsincludes\content-filters.php:55

filtergamipress_leaderboards_leaderboard_usersincludes\content-filters.php:97

filtergamipress_leaderboards_leaderboard_users_per_pageincludes\content-filters.php:98

filtergamipress_leaderboards_leaderboard_columnsincludes\content-filters.php:99

filtergamipress_leaderboards_leaderboard_metricsincludes\content-filters.php:100

filtergamipress_leaderboards_leaderboard_periodincludes\content-filters.php:101

filtergamipress_leaderboards_leaderboard_period_start_dateincludes\content-filters.php:102

filtergamipress_leaderboards_leaderboard_period_end_dateincludes\content-filters.php:103

filterllms_groups_profile_navigationincludes\lifterlms-groups.php:41

actiondelete_postincludes\lifterlms-groups.php:119

filterllms_groups_profile_tab_slugsincludes\lifterlms-groups.php:140

actionadmin_initincludes\scripts.php:28

actionadmin_enqueue_scriptsincludes\scripts.php:50

Maintenance & Trust

GamiPress – LifterLMS Group Leaderboard Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedDec 1, 2025

PHP min version

Downloads3K

Community Trust

Rating0/100

Number of ratings0

Active installs20

Alternatives

GamiPress – LifterLMS Group Leaderboard Alternatives

GamiPress – Leaderboards Include/Exclude Users

gamipress-leaderboards-include-exclude-users

100

Include or exclude specific users or roles on any leaderboard.

500 No CVEs

GamiPress – Block Users

gamipress-block-users

100

Block users and roles from getting awarded through the GamiPress awards engine

400 No CVEs

GamiPress – BuddyPress Group Leaderboard

gamipress-buddypress-group-leaderboard

100

Add a completely configurable tab on BuddyPress groups with a GamiPress leaderboard of group members

300 No CVEs

GamiPress – Emails By Type

gamipress-emails-by-type

100

Set different emails settings by type

200 No CVEs

GamiPress – Points CSV Tool

gamipress-points-csv-tool

100

Tool to import/export points through CSV files

10 No CVEs

Developer Profile

GamiPress – LifterLMS Group Leaderboard Developer Profile

Ruben Garcia

30 plugins · 25K total installs

trust score

Avg Security Score

99/100

Avg Patch Time

139 days

View full developer profile

Detection Fingerprints

How We Detect GamiPress – LifterLMS Group Leaderboard

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/gamipress-lifterlms-group-leaderboard/assets/css/lifterlms-groups-leaderboard.css/wp-content/plugins/gamipress-lifterlms-group-leaderboard/assets/js/lifterlms-groups-leaderboard.js

Script Paths

/wp-content/plugins/gamipress-lifterlms-group-leaderboard/assets/js/lifterlms-groups-leaderboard.js

Version Parameters

gamipress-lifterlms-group-leaderboard/assets/css/lifterlms-groups-leaderboard.css?ver=gamipress-lifterlms-group-leaderboard/assets/js/lifterlms-groups-leaderboard.js?ver=

HTML / DOM Fingerprints

CSS Classes

gamipress-lifterlms-group-leaderboard-list

Data Attributes

data-gamipress-lifterlms-group-leaderboard-id

JS Globals

gamipress_lifterlms_group_leaderboard_params

Shortcode Output

[lifterlms_group_leaderboard]

FAQ