Does Lesson Bookmark for Tutor LMS have any unpatched vulnerabilities?

No. All known vulnerabilities in Lesson Bookmark for Tutor LMS have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Lesson Bookmark for Tutor LMS compatible with WordPress 6.6.5?

According to WordPress.org data, Lesson Bookmark for Tutor LMS 2.0.3 has been tested up to WordPress 6.6.5. Check the plugin's changelog for the latest compatibility information.

Is Lesson Bookmark for Tutor LMS compatible with PHP 8.0+?

Lesson Bookmark for Tutor LMS requires PHP 8.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Lesson Bookmark for Tutor LMS updated?

Lesson Bookmark for Tutor LMS was last updated on Sep 2, 2024. Frequent updates are generally a positive security signal.

What is Lesson Bookmark for Tutor LMS's security score?

Lesson Bookmark for Tutor LMS has a WP-Safety security score of 92/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Lesson Bookmark for Tutor LMS Security & Risk Analysis

wordpress.org/plugins/lesson-bookmark-tutor-lms

Lesson Bookmark allows you to add lessons in the list of your favorite lessons and to display the favorites with [tllb_display_favorites]

400 active installs v2.0.3 PHP 8.0+ WP 6.0+ Updated Sep 2, 2024

tutor-addontutor-bookmarktutor-lms-addontutor-lms-bookmarktutor-lms-lesson-bookmark

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Lesson Bookmark for Tutor LMS Safe to Use in 2026?

Generally Safe

Score 92/100

Lesson Bookmark for Tutor LMS has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago

Risk Assessment

This plugin, lesson-bookmark-tutor-lms v2.0.3, exhibits a mixed security posture with some concerning elements despite a clean vulnerability history. The presence of two AJAX handlers without authentication checks is a significant weakness, creating an easily exploitable attack surface. Additionally, the use of the `unserialize` function is a red flag, as it can lead to deserialization vulnerabilities if the input is not strictly controlled and sanitized, which is not explicitly demonstrated as being done here. The limited output escaping also raises concerns about potential cross-site scripting (XSS) vulnerabilities in a portion of the plugin's output.

Key Concerns

AJAX handlers without authentication
Use of unserialize function
Low percentage of properly escaped output
No capability checks on entry points

Vulnerabilities

None known

Lesson Bookmark for Tutor LMS Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Code Analysis

Analyzed Mar 16, 2026

Lesson Bookmark for Tutor LMS Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

5 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

unserialize$current_favorites_array = unserialize($current_favorites[0]);public\class-tutor-lms-lesson-bookmark-public.php:93

unserialize$current_favorites_array = unserialize($current_favorites[0]);public\class-tutor-lms-lesson-bookmark-public.php:132

unserialize<?php $current_favorites_array = unserialize($current_favorites[0]);public\class-tutor-lms-lesson-bookmark-public.php:188

Output Escaping

10% escaped51 total outputs

Attack Surface

2 unprotected

Lesson Bookmark for Tutor LMS Attack Surface

Entry Points3

Unprotected2

AJAX Handlers 2

authwp_ajax_toggle_favoriteincludes\class-tutor-lms-lesson-bookmark.php:181

noprivwp_ajax_toggle_favoriteincludes\class-tutor-lms-lesson-bookmark.php:182

Shortcodes 1

[tllb_display_favorites] includes\class-tutor-lms-lesson-bookmark.php:185

WordPress Hooks 11

actionplugins_loadedincludes\class-tutor-lms-lesson-bookmark.php:132

actionadmin_menuincludes\class-tutor-lms-lesson-bookmark.php:148

actionadmin_enqueue_scriptsincludes\class-tutor-lms-lesson-bookmark.php:154

actionadmin_enqueue_scriptsincludes\class-tutor-lms-lesson-bookmark.php:155

actionadmin_noticesincludes\class-tutor-lms-lesson-bookmark.php:158

actionadmin_footerincludes\class-tutor-lms-lesson-bookmark.php:161

actionwp_enqueue_scriptsincludes\class-tutor-lms-lesson-bookmark.php:175

actionwp_enqueue_scriptsincludes\class-tutor-lms-lesson-bookmark.php:176

actiontutor_lesson/single/after/contentincludes\class-tutor-lms-lesson-bookmark.php:178

actionwp_footerincludes\class-tutor-lms-lesson-bookmark.php:188

actionadmin_noticeslesson-bookmark-tutor-lms.php:83

Maintenance & Trust

Lesson Bookmark for Tutor LMS Maintenance & Trust

Maintenance Signals

WordPress version tested6.6.5

Last updatedSep 2, 2024

PHP min version8.0

Downloads12K

Community Trust

Rating100/100

Number of ratings14

Active installs400

Alternatives

Lesson Bookmark for Tutor LMS Alternatives

No alternatives data available yet.

Developer Profile

Lesson Bookmark for Tutor LMS Developer Profile

Lekcie

2 plugins · 700 total installs

trust score

Avg Security Score

92/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Lesson Bookmark for Tutor LMS

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/lesson-bookmark-tutor-lms/admin/css/tutor-lms-lesson-bookmark-admin.css/wp-content/plugins/lesson-bookmark-tutor-lms/admin/js/tutor-lms-lesson-bookmark-admin.js

Script Paths

admin/js/tutor-lms-lesson-bookmark-admin.js

Version Parameters

tutor-lms-lesson-bookmark-admintutor-lms-lesson-bookmark-admin

HTML / DOM Fingerprints

CSS Classes

tllb_review_noticetllb_hide_notice

Data Attributes

data-duration

Shortcode Output

[tllb_display_favorites]

FAQ