WP-Safety

Tutor LMS Divi Modules Security & Risk Analysis

wordpress.org/plugins/tutor-lms-divi-modules

Get 26+ Tutor LMS Divi Page builder widgets to create an entire eLearning site and design custom course pages, course carousels, listings, and more.

1K active installs v3.0.0 PHP 7.3+ WP 5.3+ Updated Dec 4, 2024
courseseducationelearninglearning-management-systemlms
92
A · Safe
CVEs total0
Unpatched0
Last CVENever
Download
Safety Verdict

Is Tutor LMS Divi Modules Safe to Use in 2026?

Generally Safe

Score 92/100

Tutor LMS Divi Modules has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 1yr ago
Risk Assessment

The plugin "tutor-lms-divi-modules" v3.0.0 exhibits a generally strong security posture based on the provided static analysis. The absence of dangerous functions, raw SQL queries, file operations, external HTTP requests, and a clean vulnerability history are all positive indicators. Furthermore, the plugin's design appears to minimize its direct attack surface by not exposing any AJAX handlers, REST API routes, shortcodes, or cron events directly to user interaction without authentication checks. This suggests a thoughtful approach to integrating with the WordPress ecosystem.

However, there are areas that warrant attention. The taint analysis revealed two flows with unsanitized paths, which, while not classified as critical or high severity, represent a potential for unexpected behavior or information leakage if exploited under specific conditions. The lack of demonstrated nonce and capability checks across the analyzed code signals is also a concern. While the attack surface is reported as zero without auth checks, this metric might not fully capture all potential entry points or the context in which these checks are applied. A comprehensive security review would need to examine these specific flows and the overall implementation of authorization mechanisms.

In conclusion, "tutor-lms-divi-modules" v3.0.0 appears to be built with security in mind, demonstrating good practices in many areas and lacking a history of known vulnerabilities. The main concerns stem from the identified unsanitized paths in the taint analysis and the absence of explicit nonce/capability checks in the static analysis, which could represent latent risks. Addressing these potential weaknesses proactively will further solidify the plugin's security.

Key Concerns

  • Flows with unsanitized paths found
  • No nonce checks detected
  • No capability checks detected
Vulnerabilities
None known

Tutor LMS Divi Modules Security Vulnerabilities

No known vulnerabilities — this is a good sign.
Code Analysis
Analyzed Mar 16, 2026

Tutor LMS Divi Modules Code Analysis

Dangerous Functions
0
Raw SQL Queries
0
0 prepared
Unescaped Output
166
1114 escaped
Nonce Checks
0
Capability Checks
0
File Operations
0
External Requests
0
Bundled Libraries
0

Output Escaping

87% escaped1280 total outputs
Data Flows
2 unsanitized

Data Flow Analysis

3 flows2 with unsanitized paths
<course_list> (includes\templates\course\course_list.php:0)
Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized
Attack Surface

Tutor LMS Divi Modules Attack Surface

Entry Points0
Unprotected0
WordPress Hooks 20
actionadmin_initincludes\classes\Requirements.php:23
actionadmin_enqueue_scriptsincludes\classes\Requirements.php:24
actionadmin_noticesincludes\classes\Requirements.php:35
actionadmin_noticesincludes\classes\Requirements.php:39
filtertemplate_includeincludes\classes\Template.php:20
filtertutor_course_topics_titleincludes\modules\CourseContent\CourseContent.php:927
filtertutor_course_reviews_section_titleincludes\modules\CourseContent\CourseContent.php:935
filtertutor_course_topics_titleincludes\modules\CourseContent\CourseContent.php:956
filtertutor_course_reviews_section_titleincludes\modules\CourseContent\CourseContent.php:964
filtertutor_course_topics_titleincludes\modules\CourseCurriculum\CourseCurriculum.php:324
filtertutor_course_topics_titleincludes\modules\CourseCurriculum\CourseCurriculum.php:340
filtertutor_default_topics_active_tabincludes\templates\course\content-editor.php:14
filtertutor_default_topics_active_tabincludes\templates\course\content.php:13
filteredd_purchase_link_defaultsincludes\templates\course\loop\course-price-edd.php:17
actionwp_enqueue_scriptsincludes\TutorDiviModules.php:55
actionadmin_enqueue_scriptsincludes\TutorDiviModules.php:57
filtertutor_course_builder_editor_listincludes\TutorDiviModules.php:59
filtertutor_course_builder_editor_usedincludes\TutorDiviModules.php:60
actioninittutor-lms-divi-modules.php:58
actiondivi_extensions_inittutor-lms-divi-modules.php:65
Maintenance & Trust

Tutor LMS Divi Modules Maintenance & Trust

Maintenance Signals

WordPress version tested6.7.5
Last updatedDec 4, 2024
PHP min version7.3
Downloads22K

Community Trust

Rating42/100
Number of ratings7
Active installs1K
Alternatives

Tutor LMS Divi Modules Alternatives

Tutor LMS – eLearning and online course solution

Tutor LMS – eLearning and online course solution

tutor

B
75

A complete WordPress LMS plugin to create any eLearning website easily.

100K 60 CVEs
LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

LearnPress – WordPress LMS Plugin for Create and Sell Online Courses

learnpress

B
76

A WordPress LMS Plugin to create WordPress Learning Management System. Turn your WordPress to LMS WordPress Website with Courses, Lessons, Quizzes &am &hellip;

80K 63 CVEs
LearnPress – Course Wishlist

LearnPress – Course Wishlist

learnpress-wishlist

A
100

LearnPress Wishlist add wishlist feature to your LearnPress course in your site.

20K No CVEs
MasterStudy LMS WordPress Plugin – for Online Courses and Education

MasterStudy LMS WordPress Plugin – for Online Courses and Education

masterstudy-lms-learning-management-system

B
76

Learning Management System and eLearning plugin for WordPress. Create easily LMS WordPress website, add and sell Courses, Lessons, Quizzes online.

10K 24 CVEs
LearnPress – Prerequisites Courses

LearnPress – Prerequisites Courses

learnpress-prerequisites-courses

A
92

LearnPress Prerequisites is an add-on for LearnPress allow you to set prerequisite courses for a certain course in a LearnPress site.

6K No CVEs
Developer Profile

Tutor LMS Divi Modules Developer Profile

Themeum

14 plugins · 675K total installs

70
trust score
Avg Security Score
87/100
Avg Patch Time
269 days
View full developer profile
Detection Fingerprints

How We Detect Tutor LMS Divi Modules

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths
/wp-content/plugins/tutor-lms-divi-modules/assets/css/admin_notice.min.css/wp-content/plugins/tutor-lms-divi-modules/assets/css/tutor-divi-style.min.css/wp-content/plugins/tutor-lms-divi-modules/assets/slick/slick.min.css/wp-content/plugins/tutor-lms-divi-modules/assets/slick/slick-theme.css/wp-content/plugins/tutor-lms-divi-modules/assets/js/scripts.js/wp-content/plugins/tutor-lms-divi-modules/assets/slick/slick.min.js
Script Paths
/wp-content/plugins/tutor-lms-divi-modules/assets/js/scripts.js/wp-content/plugins/tutor-lms-divi-modules/assets/slick/slick.min.js
Version Parameters
tutor-lms-divi-modules/assets/css/admin_notice.min.css?ver=tutor-lms-divi-modules/assets/css/tutor-divi-style.min.css?ver=tutor-lms-divi-modules/assets/slick/slick.min.css?ver=tutor-lms-divi-modules/assets/slick/slick-theme.css?ver=tutor-lms-divi-modules/assets/js/scripts.js?ver=tutor-lms-divi-modules/assets/slick/slick.min.js?ver=

HTML / DOM Fingerprints

CSS Classes
tutor-divi-stylestutor-divi-slick-csstutor-divi-slick-theme-csstutor-divi-scripts
HTML Comments
Themeum<www.themeum.com>Themeum <www.themeum.com>
Data Attributes
data-slug="tutor_course_author"
JS Globals
dtlmsData
Shortcode Output
[tutor_course_author
FAQ

Frequently Asked Questions about Tutor LMS Divi Modules