Does Quick Learn have any unpatched vulnerabilities?

Yes — Quick Learn currently has 1 unpatched vulnerability. We recommend switching to an alternative or applying any available workarounds.

Is Quick Learn compatible with WordPress 6.1.10?

According to WordPress.org data, Quick Learn 1.0.1 has been tested up to WordPress 6.1.10. Check the plugin's changelog for the latest compatibility information.

Is Quick Learn compatible with PHP 7.0+?

Quick Learn requires PHP 7.0 or higher. Most modern WordPress hosts run PHP 8.1 or 8.2. If you are on an older PHP version, consider upgrading before installing this plugin.

How often is Quick Learn updated?

Quick Learn was last updated on Dec 2, 2022. Frequent updates are generally a positive security signal.

What is Quick Learn's security score?

Quick Learn has a WP-Safety security score of 59/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Quick Learn Security Review — Score 59/100 (use caution)

Safety Verdict

Is Quick Learn Safe to Use in 2026?

Use With Caution

Score 59/100

Quick Learn has 1 unpatched vulnerability. Evaluate alternatives or apply available mitigations.

1 known CVE 1 unpatched Last CVE: Nov 18, 2024Updated 3yr ago

Risk Assessment

The "quick-learn" plugin exhibits a concerning security posture due to a high number of unprotected AJAX handlers and a critical, unpatched deserialization vulnerability. While the plugin demonstrates good practices in using prepared statements for SQL queries and properly escaping most output, these strengths are overshadowed by significant vulnerabilities. The static analysis reveals a large attack surface with 48 out of 53 entry points lacking authentication checks, presenting a broad target for attackers. Furthermore, the presence of 17 dangerous "unserialize" function calls, coupled with a critical taint flow originating from unsanitized paths, strongly suggests a high risk of deserialization vulnerabilities, as confirmed by its vulnerability history which lists a critical CVE for this exact type of issue. The critical and unpatched nature of this vulnerability, along with its recent occurrence, indicates an immediate threat that requires urgent attention. While the plugin uses nonces and capability checks in some instances, the sheer volume of unprotected AJAX endpoints and the critical deserialization flaw make it a high-risk component.

Key Concerns

Unpatched critical CVE: Deserialization of Untrusted Data
High number of unprotected AJAX handlers
Dangerous function 'unserialize' used
Critical taint flow with unsanitized paths
Bundled outdated TCPDF v1.0.004 library
Only 1 nonce check for numerous AJAX handlers
Only 2 capability checks for numerous entry points

Vulnerabilities

1

Quick Learn Security Vulnerabilities

CVEs by Year

1 CVE in 2024 · unpatched

2024

Patched Has unpatched

Severity Breakdown

Critical

1

1 total CVE

CVE-2024-52441critical · 9.8Deserialization of Untrusted Data

Quick Learn <= 1.0.1 - Unauthenticated PHP Object Injection

Nov 18, 2024Unpatched

Code Analysis

Analyzed Mar 17, 2026

Quick Learn Code Analysis

Dangerous Functions

17

Raw SQL Queries

2

236 prepared

Unescaped Output

66

1339 escaped

Nonce Checks

1

Capability Checks

2

File Operations

11

External Requests

1

Bundled Libraries

1

Dangerous Functions Found

unserialize$answer=unserialize($value['answer_data']);inc\admin\template-part\questionrows.php:56

unserialize$answer_dataqq = unserialize($value['answer_data']);inc\get_quiz_question.php:60

unserialize$meta_value = unserialize($result['meta_value']);inc\gsp-downloadpdf.php:35

unserialize$unserialize = unserialize($user_data_result[0]['meta_value']);inc\startdata.php:81

unserialize$answer_dataqq = unserialize($value['answer_data']);inc\startdata.php:220

unserialize$meta_value = unserialize($value['meta_value']);tbit_quicklearn.php:2713

unserialize$updatedata=unserialize($value['answer_data']);tbit_quicklearn.php:3732

unserialize$unserialize=unserialize($results[0]['answer_data']);tbit_quicklearn.php:3768

unserialize$meta_value = unserialize($results[0]['meta_value']);tbit_quicklearn.php:4212

unserialize$unserialize_value = unserialize($v['answer_data']);tbit_quicklearn.php:4227

unserialize$answer_dataqq = unserialize($value['answer_data']);tbit_quicklearn.php:4563

unserialize$answer_dataqq = unserialize($value['answer_data']);tbit_quicklearn.php:4644

unserialize$meta_value = unserialize($value['meta_value']);tbit_quicklearn.php:6310

unserialize$data = unserialize(base64_decode($act));tbit_quicklearn.php:7410

unserialize$unserialize = unserialize($user_data_result[0]['meta_value']);templates\single-lms-courses.php:816

unserialize$unserialize = unserialize($user_data_result[0]['meta_value']);templates\single_lms_startquiz.php:80

unserialize$answer_dataqq = unserialize($value['answer_data']);templates\single_lms_startquiz.php:266

Bundled Libraries

TCPDF1.0.004

SQL Query Safety

99% prepared238 total queries

Output Escaping

95% escaped1405 total outputs

Data Flows

8 unsanitized

Data Flow Analysis

25 flows8 with unsanitized paths

Tbit_lms_addpayment (tbit_quicklearn.php:5422)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

48 unprotected

Quick Learn Attack Surface

Entry Points53

Unprotected48

AJAX Handlers 48

authwp_ajax_removeratinginc\ajax.php:2

authwp_ajax_approvedisapproveratinginc\ajax.php:23

authwp_ajax_sendratingandreviewinc\ajax.php:56

authwp_ajax_getallreviewsbypostidinc\ajax.php:103

authwp_ajax_addnewsectioninc\functions.php:5

authwp_ajax_updatesectiondatainc\functions.php:40

authwp_ajax_insertlesstinandtestinc\functions.php:74

authwp_ajax_deletesectioniteminc\functions.php:127

authwp_ajax_deletesectioninc\functions.php:164

authwp_ajax_getselectionboxinc\functions.php:174

authwp_ajax_insertdatainlessionassesmentsinc\functions.php:237

authwp_ajax_searchqueryinc\functions.php:314

authwp_ajax_addnewsectiontbit_quicklearn.php:318

authwp_ajax_updatesectiondatatbit_quicklearn.php:364

authwp_ajax_order_status_changetbit_quicklearn.php:2869

authwp_ajax_insertlesstinandtesttbit_quicklearn.php:2898

authwp_ajax_addandremovewishlisttbit_quicklearn.php:2992

authwp_ajax_logintbit_quicklearn.php:3027

noprivwp_ajax_logintbit_quicklearn.php:3028

authwp_ajax_deletesectionitemtbit_quicklearn.php:3092

authwp_ajax_deletesectiontbit_quicklearn.php:3138

authwp_ajax_getselectionboxtbit_quicklearn.php:3161

authwp_ajax_insertdatainlessionassesmentstbit_quicklearn.php:3292

authwp_ajax_searchquerytbit_quicklearn.php:3394

authwp_ajax_insertqustionanswerstarttbit_quicklearn.php:3456

authwp_ajax_insertanswer_typetbit_quicklearn.php:3518

authwp_ajax_insertanswer_typenewtbit_quicklearn.php:3562

authwp_ajax_questiontextchangetbit_quicklearn.php:3606

authwp_ajax_deletequestionoptiontbit_quicklearn.php:3643

authwp_ajax_updateanswerdatatbit_quicklearn.php:3690

authwp_ajax_getassetmentselectionboxtbit_quicklearn.php:3797

authwp_ajax_searchassesmentquerytbit_quicklearn.php:3864

authwp_ajax_insertdatainassementquestiontbit_quicklearn.php:3956

authwp_ajax_deleteassementitemtbit_quicklearn.php:4012

authwp_ajax_useranswersubmittbit_quicklearn.php:4061

authwp_ajax_insert_lession_datatbit_quicklearn.php:4157

noprivwp_ajax_insert_lession_datatbit_quicklearn.php:4159

authwp_ajax_updatequizdatatbit_quicklearn.php:4763

noprivwp_ajax_updatequizdatatbit_quicklearn.php:4765

authwp_ajax_generalinformationupdatetbit_quicklearn.php:4773

authwp_ajax_changepasswordtbit_quicklearn.php:4850

authwp_ajax_profileimageuploadtbit_quicklearn.php:4899

authwp_ajax_startquiztbit_quicklearn.php:4955

authwp_ajax_retakestartquiztbit_quicklearn.php:5127

authwp_ajax_get_quiz_datatbit_quicklearn.php:5345

authwp_ajax_approve_usertbit_quicklearn.php:6933

authwp_ajax_disapprove_usertbit_quicklearn.php:6947

authwp_ajax_assetment_retaketbit_quicklearn.php:6999

Shortcodes 5

[all-courses] tbit_quicklearn.php:5407

[all_listing] tbit_quicklearn.php:5567

[register-user-as-student] tbit_quicklearn.php:5987

[my-account] tbit_quicklearn.php:6848

[wishlist] tbit_quicklearn.php:6849

WordPress Hooks 48

actionadmin_menuinc\admin\template-part\admin_menu.php:74

actionadmin_initinc\admin\template-part\admin_menu.php:1482

actionsave_postinc\admin\template-part\admin_menu.php:1602

actioninitinc\admin\wp-admin-function.php:315

actionadmin_menuinc\admin\wp-admin-function.php:327

actionadmin_initinc\admin\wp-admin-function.php:328

actioninitinc\admin\wp-admin-function.php:646

actionadmin_initinc\function_config.php:2

actionwidgets_initinc\gsp-functions.php:70

actionwidgets_initinc\gsp-functions.php:115

actionshow_user_profileinc\gsp-functions.php:117

actionedit_user_profileinc\gsp-functions.php:118

actionpersonal_options_updateinc\gsp-functions.php:194

actionedit_user_profile_updateinc\gsp-functions.php:195

actioninittbit_quicklearn.php:264

actionadmin_enqueue_scriptstbit_quicklearn.php:303

actionwp_enqueue_scriptstbit_quicklearn.php:316

actioninittbit_quicklearn.php:370

filterviews_edit-lms-coursestbit_quicklearn.php:414

filterviews_edit-lms-lessonstbit_quicklearn.php:415

filterviews_edit-lms-assesmentstbit_quicklearn.php:416

filterviews_edit-lms-questiontbit_quicklearn.php:417

actionpre_get_poststbit_quicklearn.php:443

filterpre_get_poststbit_quicklearn.php:444

actionadmin_menutbit_quicklearn.php:521

actioninittbit_quicklearn.php:2816

actionwp_enqueue_scriptstbit_quicklearn.php:4104

actionadmin_enqueue_scriptstbit_quicklearn.php:4135

filtersingle_templatetbit_quicklearn.php:5757

filteruser_row_actionstbit_quicklearn.php:6914

actionadmin_menutbit_quicklearn.php:6966

filterwp_authenticate_usertbit_quicklearn.php:6998

actionadmin_enqueue_scriptstbit_quicklearn.php:7052

filtermanage_lms-courses_posts_columnstbit_quicklearn.php:7054

actionmanage_lms-courses_posts_custom_columntbit_quicklearn.php:7128

filtermanage_lms-lessons_posts_columnstbit_quicklearn.php:7130

actionmanage_lms-lessons_posts_custom_columntbit_quicklearn.php:7171

filtermanage_lms-assesments_posts_columnstbit_quicklearn.php:7175

actionmanage_lms-assesments_posts_custom_columntbit_quicklearn.php:7215

filtermanage_lms-question_posts_columnstbit_quicklearn.php:7217

actionmanage_lms-question_posts_custom_columntbit_quicklearn.php:7258

actionpre_get_poststbit_quicklearn.php:7259

actionrestrict_manage_poststbit_quicklearn.php:7315

actionparent_filetbit_quicklearn.php:7328

actionuser_registertbit_quicklearn.php:7338

actioninittbit_quicklearn.php:7385

filtertemplate_includetbit_quicklearn.php:7392

actioninittbit_quicklearn.php:7405

Maintenance & Trust

Quick Learn Maintenance & Trust

Maintenance Signals

WordPress version tested6.1.10

Last updatedDec 2, 2022

PHP min version7.0

Downloads1K

Community Trust

Rating0/100

Number of ratings0

Active installs0

Alternatives

Quick Learn Alternatives

WP Courseware – Mailchimp Addon

wp-courseware-mailchimp-addon

A

92

Subscribe your customers to MailChimp audience and tags upon enrollment.

10 No CVEs

WP Learn Manager

learn-manager

B

84

WP Learn Manager is the most comprehensive, extensive, and feature-rich WordPress LMS plugin.

10 2 CVEs

MemberWunder LMS – Learning Management System – Ein WordPress e-Learning Plugin

memberwunder

A

85

Ein WordPress e-Learning (LMS) Plugin, um sogenannte WordPress Learning Management Systeme zu erstellen mit anpassbaren Designs und sofort einsetzbare …

10 No CVEs

ConvertKit Addon for WP Courseware

wp-courseware-convertkit-addon

A

92

Subscribe your customers to ConvertKit forms, sequences, and tags upon enrollment complete with webhooks.

10 No CVEs

Tutor LMS – eLearning and online course solution

tutor

B

75

A complete WordPress LMS plugin to create any eLearning website easily.

100K 61 CVEs

Developer Profile

Quick Learn Developer Profile

Rajesh Thanoch

1 plugin · 0 total installs

65

trust score

Avg Security Score

59/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Quick Learn

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/quick-learn/css/common.css/wp-content/plugins/quick-learn/css/responsive.css/wp-content/plugins/quick-learn/css/settings.css/wp-content/plugins/quick-learn/css/frontend.css/wp-content/plugins/quick-learn/css/admin.css/wp-content/plugins/quick-learn/js/common.js/wp-content/plugins/quick-learn/js/frontend.js/wp-content/plugins/quick-learn/js/admin.js

Script Paths

/wp-content/plugins/quick-learn/js/common.js/wp-content/plugins/quick-learn/js/frontend.js/wp-content/plugins/quick-learn/js/admin.js

Version Parameters

quick-learn/css/common.css?ver=quick-learn/css/responsive.css?ver=quick-learn/css/settings.css?ver=quick-learn/css/frontend.css?ver=quick-learn/css/admin.css?ver=quick-learn/js/common.js?ver=quick-learn/js/frontend.js?ver=quick-learn/js/admin.js?ver=

HTML / DOM Fingerprints

CSS Classes

quick-learn-wrapperql-course-detailsql-lesson-navigationql-quiz-containerql-certificate-generator

HTML Comments

Data Attributes

data-quick-learn-course-iddata-ql-user-iddata-ql-lesson-slug

JS Globals

window.quickLearnSettingsvar ql_ajax_urlvar ql_course_data

Shortcode Output

[my-account][register-user-as-student]

FAQ

Quick Learn Security & Risk Analysis

Is Quick Learn Safe to Use in 2026?

Use With Caution

Key Concerns

Quick Learn Security Vulnerabilities

CVEs by Year

Severity Breakdown

Quick Learn Code Analysis

Dangerous Functions Found

Bundled Libraries

SQL Query Safety

Output Escaping

Data Flow Analysis

Quick Learn Attack Surface

AJAX Handlers 48

Shortcodes 5

Quick Learn Maintenance & Trust

Maintenance Signals

Community Trust

Quick Learn Alternatives

WP Courseware – Mailchimp Addon

WP Learn Manager

MemberWunder LMS – Learning Management System – Ein WordPress e-Learning Plugin

ConvertKit Addon for WP Courseware

Tutor LMS – eLearning and online course solution

Quick Learn Developer Profile

How We Detect Quick Learn

Asset Fingerprints

HTML / DOM Fingerprints

Frequently Asked Questions about Quick Learn