Does Klass.lk LMS have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Klass.lk LMS compatible with WordPress 6.8.5?

According to WordPress.org data, Klass.lk LMS 1.0.0 has been tested up to WordPress 6.8.5. Check the plugin's changelog for the latest compatibility information.

Is Klass.lk LMS compatible with PHP 7.4+?

Klass.lk LMS requires PHP 7.4 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Klass.lk LMS updated?

Klass.lk LMS was last updated on Aug 22, 2025. Frequent updates are generally a positive security signal.

What is Klass.lk LMS's security score?

Klass.lk LMS has a WP-Safety security score of 100/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Klass.lk LMS Security & Risk Analysis

wordpress.org/plugins/klasslk-lms

Seamlessly integrate your WordPress site with Klass.lk learning management system. Display courses and teachers with beautiful, interactive modals.

0 active installs v1.0.0 PHP 7.4+ WP 5.0+ Updated Aug 22, 2025

courseseducationklasslmsteachers

A · Safe

CVEs total0

Unpatched0

Last CVENever

Download

Safety Verdict

Is Klass.lk LMS Safe to Use in 2026?

Generally Safe

Score 100/100

Klass.lk LMS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 8mo ago

Risk Assessment

Based on the provided static analysis and vulnerability history, the "klasslk-lms" v1.0.0 plugin exhibits a generally strong security posture. The absence of any known CVEs, critical or high-severity taint flows, and the consistent use of prepared statements for SQL queries are significant strengths. All identified code signals, including output escaping and nonce checks, appear to be implemented correctly, indicating good development practices. The plugin also demonstrates a proactive approach to security by performing capability checks on its entry points.

However, there are a few areas that warrant attention. While the attack surface is relatively small, the presence of external HTTP requests, even if they are not immediately flagged as problematic, always introduces a potential risk. The plugin's limited use of capability checks (only 1 is listed) for its 9 AJAX handlers could be a concern if not all handlers are appropriately secured. Further investigation into the nature of these external requests and a comprehensive review of all AJAX handler permission checks would be beneficial.

In conclusion, "klasslk-lms" v1.0.0 appears to be a well-developed plugin with a solid foundation in secure coding practices. Its clean vulnerability history and adherence to many security best practices are commendable. The main opportunities for improvement lie in thoroughly vetting the security implications of its external HTTP requests and ensuring robust authorization checks across all its AJAX endpoints.

Key Concerns

External HTTP requests present a potential risk
Limited capability checks on AJAX handlers

Vulnerabilities

None known

Klass.lk LMS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Klass.lk LMS Release Timeline

v1.0.0Current

Code Analysis

Analyzed Apr 16, 2026

Klass.lk LMS Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

10 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Output Escaping

100% escaped10 total outputs

Data Flows · Security

All sanitized

Data Flow Analysis

5 flows

save_institute_settings (admin/class-klass-admin.php:196)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

Klass.lk LMS Attack Surface

Entry Points11

Unprotected0

AJAX Handlers 9

authwp_ajax_klasslklms_save_institute_settingsadmin/class-klass-admin.php:20

authwp_ajax_klasslklms_get_institute_coursesincludes/api/class-klass-api-handlers.php:27

noprivwp_ajax_klasslklms_get_institute_coursesincludes/api/class-klass-api-handlers.php:28

authwp_ajax_klasslklms_get_institute_course_detailsincludes/api/class-klass-api-handlers.php:29

noprivwp_ajax_klasslklms_get_institute_course_detailsincludes/api/class-klass-api-handlers.php:30

authwp_ajax_klasslklms_get_institute_teachersincludes/api/class-klass-api-handlers.php:33

noprivwp_ajax_klasslklms_get_institute_teachersincludes/api/class-klass-api-handlers.php:34

authwp_ajax_klasslklms_get_institute_teacher_detailsincludes/api/class-klass-api-handlers.php:35

noprivwp_ajax_klasslklms_get_institute_teacher_detailsincludes/api/class-klass-api-handlers.php:36

Shortcodes 2

[klasslklms_institute_courses] includes/shortcodes/class-klass-shortcode-handlers.php:26

[klasslklms_institute_teachers] includes/shortcodes/class-klass-shortcode-handlers.php:27

WordPress Hooks 6

actionadmin_menuadmin/class-klass-admin.php:18

actionadmin_enqueue_scriptsadmin/class-klass-admin.php:19

actioninitincludes/shortcodes/class-klass-shortcode-handlers.php:19

actioninitklass.php:19

actionwp_enqueue_scriptsklass.php:29

filterplugin_row_metaklass.php:113

Maintenance & Trust

Klass.lk LMS Maintenance & Trust

Maintenance Signals

WordPress version tested6.8.5

Last updatedAug 22, 2025

PHP min version7.4

Downloads202

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Klass.lk LMS Alternatives

Tutor LMS Divi Modules

tutor-lms-divi-modules

Get 26+ Tutor LMS Divi Page builder widgets to create an entire eLearning site and design custom course pages, course carousels, listings, and more.

1K No CVEs

MasterStudy LMS Divi Modules

masterstudy-lms-divi-modules

100

MasterStudy LMS Divi Modules is a deluxe Divi + MasterStudy integration. The harmonious combination of a quality MasterStudy LMS system and one of the …

300 No CVEs

Dear LMS

dear-lms

100

A complete Learning Management System with courses, lessons, and topics using custom post types and drag-and-drop dashboard interface.

0 No CVEs

Lenxel AI LMS – Course Lesson Generator

lenxel-core

Lenxel AI LMS is a WordPress plugin that provides a comprehensive Learning Management System with AI-assisted course creation.

0 2 unpatched

Mentaro LMS

mentaro-lms

100

Fast, focused LMS for WordPress: build courses quickly with a clean, reliable workflow.

0 No CVEs

Developer Profile

Klass.lk LMS Developer Profile

origyn

4 plugins · 320 total installs

trust score

Avg Security Score

100/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Klass.lk LMS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/klasslk-lms/assets/js/modal.js/wp-content/plugins/klasslk-lms/assets/js/course-details.js/wp-content/plugins/klasslk-lms/assets/js/teacher-details.js/wp-content/plugins/klasslk-lms/assets/js/courses.js/wp-content/plugins/klasslk-lms/assets/js/teachers.js/wp-content/plugins/klasslk-lms/assets/images/defaultteacher.png/wp-content/plugins/klasslk-lms/assets/images/defaultcourse.jpg/wp-content/plugins/klasslk-lms/assets/css/styles.css+4 more

Script Paths

klasslklms-modalklasslklms-course-detailsklasslklms-teacher-detailsklasslklms-coursesklasslklms-teachersklasslklms-admin-settings

Version Parameters

klasslklms-modal?ver=klasslklms-course-details?ver=klasslklms-teacher-details?ver=klasslklms-courses?ver=klasslklms-teachers?ver=klasslklms-display-css?ver=klasslklms-modal-css?ver=klasslklms-admin-css?ver=klasslklms-admin-settings?ver=

HTML / DOM Fingerprints

CSS Classes

klass-admin-wrapklass-admin-headerklass-logo-sectionklass-logoklass-header-textklass-subtitleklass-admin-contentklass-settings-card+2 more

Data Attributes

data-klasslklms-modal

JS Globals

klasslklmsAjaxklasslklmsAdminSettings

FAQ