myCred Tutor LMS – Gamification in eLearning Security & Risk Analysis

wordpress.org/plugins/mycred-tutor-lms-gamification-in-elearning

Connect mycred with Tutor LMS

100 active installs · v1.0.8 · PHP + WP 4.8+ · Updated Apr 16, 2025
Tags: elearning, gamification, lms, mycred, quiz
100
A · Safe
CVEs total: 0
Unpatched: 0
Last CVE: Never
Safety Verdict

Is myCred Tutor LMS – Gamification in eLearning Safe to Use in 2026?

Generally Safe

Score 100/100

myCred Tutor LMS – Gamification in eLearning has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs · Updated 11mo ago
Risk Assessment

The "mycred-tutor-lms-gamification-in-elearning" plugin v1.0.8 exhibits several concerning security weaknesses despite a lack of recorded historical vulnerabilities. A significant concern is the presence of four AJAX handlers that entirely lack authentication checks, creating a substantial attack surface for unauthorized actions. Furthermore, the use of the `unserialize` function, a known vector for remote code execution if not handled with extreme caution and input validation, is present twice. While the plugin does not have a history of known vulnerabilities, this could indicate a lack of thorough auditing or that past versions were not as widely used or scrutinized. The plugin also lacks any nonce checks, which is a critical security measure for AJAX requests. The overall posture is one of significant risk due to the unprotected AJAX endpoints and the potential danger of unserialization.

Key Concerns

  • 4 AJAX handlers without auth checks
  • 2 instances of unserialize function
  • 0 nonce checks on entry points
  • 0 capability checks on entry points
Vulnerabilities
None known

myCred Tutor LMS – Gamification in eLearning Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

myCred Tutor LMS – Gamification in eLearning Code Analysis

Dangerous Functions: 2
Raw SQL Queries: 0 (8 prepared)
Unescaped Output: 32 (393 escaped)
Nonce Checks: 0
Capability Checks: 0
File Operations: 0
External Requests: 0
Bundled Libraries: 0

Dangerous Functions Found

unserialize: `$attempt_info = unserialize( $attempt_data->attempt_info );` (includes\mycred-fail-quiz.php:66)
unserialize: `$attempt_info = unserialize( $attempt_data->attempt_info );` (includes\mycred-pass-quiz.php:70)

SQL Query Safety

100% prepared (8 total queries)

Output Escaping

92% escaped (425 total outputs)
Data Flows
All sanitized

Data Flow Analysis

1 flows
<function> (includes\function.php:0)
Attack Surface
4 unprotected

myCred Tutor LMS – Gamification in eLearning Attack Surface

Entry Points: 4
Unprotected: 4

AJAX Handlers (4)

  • auth: wp_ajax_mycred_specific_course_for_quiz (mycred-tutor-lms.php:102)
  • nopriv: wp_ajax_mycred_specific_course_for_quiz (mycred-tutor-lms.php:103)
  • auth: wp_ajax_mycred_specific_course_for_lesson (mycred-tutor-lms.php:104)
  • nopriv: wp_ajax_mycred_specific_course_for_lesson (mycred-tutor-lms.php:105)

WordPress Hooks (18)

  • action: tutor_course_complete_after (includes\mycred-complete-course.php:41)
  • filter: mycred_tutor_lms_hook_limits (includes\mycred-complete-course.php:180)
  • action: tutor_lesson_completed_after (includes\mycred-complete-lesson.php:42)
  • filter: mycred_tutor_lms_hook_limits (includes\mycred-complete-lesson.php:192)
  • action: tutor_quiz/attempt_ended (includes\mycred-complete-quiz.php:43)
  • filter: mycred_tutor_lms_hook_limits (includes\mycred-complete-quiz.php:200)
  • action: tutor_after_enroll (includes\mycred-enroll-course.php:41)
  • filter: mycred_tutor_lms_hook_limits (includes\mycred-enroll-course.php:179)
  • action: tutor_quiz/attempt_ended (includes\mycred-fail-quiz.php:43)
  • filter: mycred_tutor_lms_hook_limits (includes\mycred-fail-quiz.php:206)
  • action: tutor_quiz/attempt_ended (includes\mycred-pass-quiz.php:46)
  • filter: mycred_tutor_lms_hook_limits (includes\mycred-pass-quiz.php:220)
  • action: admin_notices (mycred-tutor-lms.php:62)
  • action: admin_enqueue_scripts (mycred-tutor-lms.php:98)
  • filter: mycred_setup_hooks (mycred-tutor-lms.php:99)
  • action: mycred_load_hooks (mycred-tutor-lms.php:100)
  • filter: mycred_all_references (mycred-tutor-lms.php:101)
  • action: admin_notices (mycred-tutor-lms.php:109)
Maintenance & Trust

myCred Tutor LMS – Gamification in eLearning Maintenance & Trust

Maintenance Signals

WordPress version tested: 6.8.5
Last updated: Apr 16, 2025
PHP min version
Downloads: 7K

Community Trust

Rating: 0/100
Number of ratings: 0
Active installs: 100
Developer Profile

myCred Tutor LMS – Gamification in eLearning Developer Profile

Saad Iqbal

84 plugins · 1.4M total installs

Trust score: 76
Avg Security Score: 96/100
Avg Patch Time: 287 days
Detection Fingerprints

How We Detect myCred Tutor LMS – Gamification in eLearning

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
  • /wp-content/plugins/mycred-tutor-lms-gamification-in-elearning/assets/css/style.css
  • /wp-content/plugins/mycred-tutor-lms-gamification-in-elearning/assets/js/script.js
Script Paths
  • /wp-content/plugins/mycred-tutor-lms-gamification-in-elearning/assets/js/script.js
Version Parameters
  • mycred-tutor-lms-gamification-in-elearning/assets/css/style.css?ver=
  • mycred-tutor-lms-gamification-in-elearning/assets/js/script.js?ver=

HTML / DOM Fingerprints

HTML Comments
  • <!-- myCred Tutor LMS is now part of the myCred Toolkit and will no longer receive updates here. Only security fixes will be provided. -->
  • <!-- General -->
  • <!-- Specific -->
Data Attributes
  • data-mycred-tutor-lms-quiz-pass
  • data-mycred-tutor-lms-enroll-courses
  • data-mycred-tutor-lms-complete-quiz
  • data-mycred-tutor-lms-fail-quiz
  • data-mycred-tutor-lms-complete-courses
  • data-mycred-tutor-lms-complete-lesson
JS Globals
  • mycred_specific_course_for_quiz
  • mycred_specific_course_for_lesson